Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-12816 (GCVE-0-2025-12816)
Vulnerability from cvelistv5 – Published: 2025-11-25 19:15 – Updated: 2025-11-25 21:04
VLAI?
EPSS
Title
CVE-2025-12816
Summary
An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.
Severity ?
No CVSS data available.
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Digital Bazaar | node-forge |
Affected:
0 , ≤ 1.3.1
(semver)
|
|||||||
|
|||||||||
Credits
This issue was reported by Hunter Wodzenski of Palo Alto Networks
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-12816",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-25T20:21:37.225634Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-436",
"description": "CWE-436 Interpretation Conflict",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T20:24:22.734Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-25T21:04:09.432Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://www.kb.cert.org/vuls/id/521113"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "node-forge",
"vendor": "Digital Bazaar",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
},
{
"product": "forge",
"vendor": "Digital Bazaar",
"versions": [
{
"lessThanOrEqual": "1.3.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This issue was reported by Hunter Wodzenski of Palo Alto Networks"
}
],
"descriptions": [
{
"lang": "en",
"value": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions."
}
],
"metrics": [
{
"other": {
"content": {
"schemaVersion": "2.0.0",
"selections": [
{
"definition": "The present state of exploitation of the vulnerability.",
"key": "E",
"name": "Exploitation",
"namespace": "ssvc",
"values": [
{
"key": "P",
"name": "Public PoC"
}
],
"version": "1.1.0"
},
{
"definition": "Can an attacker reliably automate creating exploitation events for this vulnerability?",
"key": "A",
"name": "Automatable",
"namespace": "ssvc",
"values": [
{
"key": "N",
"name": "No"
}
],
"version": "2.0.0"
},
{
"definition": "The technical impact of the vulnerability.",
"key": "TI",
"name": "Technical Impact",
"namespace": "ssvc",
"values": [
{
"key": "P",
"name": "Partial"
}
],
"version": "1.0.0"
}
],
"timestamp": "2025-11-07T15:47:01.238Z"
},
"type": "ssvcV2_0_0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-436 Interpretation Conflict",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-25T19:29:31.487Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://www.npmjs.com/package/node-forge"
},
{
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"url": "https://github.com/digitalbazaar/forge"
},
{
"name": "CERT/CC Vulnerability Notice",
"tags": [
"third-party-advisory"
],
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"name": "Github Security Advisory",
"tags": [
"third-party-advisory"
],
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "CVE-2025-12816",
"x_generator": {
"engine": "VINCE 3.0.29",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-12816"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-12816",
"datePublished": "2025-11-25T19:15:50.243Z",
"dateReserved": "2025-11-06T17:11:38.255Z",
"dateUpdated": "2025-11-25T21:04:09.432Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-12816",
"date": "2026-05-07",
"epss": "0.00083",
"percentile": "0.23962"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-12816\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2025-11-25T20:15:58.870\",\"lastModified\":\"2026-01-02T19:02:08.980\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\",\"baseScore\":8.6,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-436\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:digitalbazaar:forge:*:*:*:*:*:node.js:*:*\",\"versionEndIncluding\":\"1.3.1\",\"matchCriteriaId\":\"F1BD404D-0F0B-495C-A5FF-F684D208E44D\"}]}]}],\"references\":[{\"url\":\"https://github.com/digitalbazaar/forge\",\"source\":\"cret@cert.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/digitalbazaar/forge/pull/1124\",\"source\":\"cret@cert.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq\",\"source\":\"cret@cert.org\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://kb.cert.org/vuls/id/521113\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.npmjs.com/package/node-forge\",\"source\":\"cret@cert.org\",\"tags\":[\"Product\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/521113\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.kb.cert.org/vuls/id/521113\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-25T21:04:09.432Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.6, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-12816\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-25T20:21:37.225634Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-436\", \"description\": \"CWE-436 Interpretation Conflict\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-25T20:23:29.293Z\"}}], \"cna\": {\"title\": \"CVE-2025-12816\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"This issue was reported by Hunter Wodzenski of Palo Alto Networks\"}], \"metrics\": [{\"other\": {\"type\": \"ssvcV2_0_0\", \"content\": {\"timestamp\": \"2025-11-07T15:47:01.238Z\", \"selections\": [{\"key\": \"E\", \"name\": \"Exploitation\", \"values\": [{\"key\": \"P\", \"name\": \"Public PoC\"}], \"version\": \"1.1.0\", \"namespace\": \"ssvc\", \"definition\": \"The present state of exploitation of the vulnerability.\"}, {\"key\": \"A\", \"name\": \"Automatable\", \"values\": [{\"key\": \"N\", \"name\": \"No\"}], \"version\": \"2.0.0\", \"namespace\": \"ssvc\", \"definition\": \"Can an attacker reliably automate creating exploitation events for this vulnerability?\"}, {\"key\": \"TI\", \"name\": \"Technical Impact\", \"values\": [{\"key\": \"P\", \"name\": \"Partial\"}], \"version\": \"1.0.0\", \"namespace\": \"ssvc\", \"definition\": \"The technical impact of the vulnerability.\"}], \"schemaVersion\": \"2.0.0\"}}}], \"affected\": [{\"vendor\": \"Digital Bazaar\", \"product\": \"node-forge\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.1\"}]}, {\"vendor\": \"Digital Bazaar\", \"product\": \"forge\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"1.3.1\"}]}], \"references\": [{\"url\": \"https://www.npmjs.com/package/node-forge\"}, {\"url\": \"https://github.com/digitalbazaar/forge/pull/1124\"}, {\"url\": \"https://github.com/digitalbazaar/forge\"}, {\"url\": \"https://kb.cert.org/vuls/id/521113\", \"name\": \"CERT/CC Vulnerability Notice\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq\", \"name\": \"Github Security Advisory\", \"tags\": [\"third-party-advisory\"]}], \"x_generator\": {\"env\": \"prod\", \"engine\": \"VINCE 3.0.29\", \"origin\": \"https://cveawg.mitre.org/api/cve/CVE-2025-12816\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-436 Interpretation Conflict\"}]}], \"providerMetadata\": {\"orgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"shortName\": \"certcc\", \"dateUpdated\": \"2025-11-25T19:29:31.487Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-12816\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-25T21:04:09.432Z\", \"dateReserved\": \"2025-11-06T17:11:38.255Z\", \"assignerOrgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"datePublished\": \"2025-11-25T19:15:50.243Z\", \"assignerShortName\": \"certcc\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
SUSE-SU-2026:0628-1
Vulnerability from csaf_suse - Published: 2026-02-25 09:44 - Updated: 2026-02-25 09:44Summary
Security update 5.1.2 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.1.2 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
golang-github-QubitProducts-exporter_exporter:
- Non-customer-facing optimization around source building
golang-github-boynux-squid_exporter:
- Update to version 1.13.0 (jsc#PED-14971)
- Add support for squid-internal-mgr path for metrics.
- Update to version 1.12.0
- Add TLS and basic authentication support for the web interface.
- Update to version 1.11.0
- Allow adding custom labels to all metrics.
- Update to version 1.10.0
- Add ability to configure the exporter using environment variables.
- Add support for Squid 6
- Add `squid_up` metric
- Add `squid_scrape_duration_seconds` metric
- Add `squid_scrape_error` metric
- Update to version 1.9.0
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.
- Update to version 1.8.0
- Add various service time metrics to provide more detailed performance data.
- Update to version 1.7.0
- Add support for basic authentication against the Squid proxy.
- Fix `squid_client_http_requests_total` metric
- Upstream changes for v1.9.0:
- Use `CAP_DAC_READ_SEARCH` capability to allow
reading process information without running as root.
- Upstream changes for v1.8.0:
- Add various service time metrics to provide more detailed
performance data.
- Upstream changes for v1.7.0:
Squid proxy.Update to version 1.10.0
- Add ability to configure the exporter using environment
variables.
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process
information without running as root.
- Add various service time metrics to provide more detailed
performance data.
- Add support for basic authentication against the Squid proxy.
- Use current distro go default version. Use auto-versioning
on SUSE as well.
golang-github-lusitaniae-apache_exporter:
- Build without apparmor for openSUSE Leap 16, SLES 16 or newer
- Update to version 1.0.10
* Update github.com/prometheus/client_golang to 1.21.1
* Update github.com/prometheus/common to 0.63.0
* Update github.com/prometheus/exporter-toolkit to 0.14.0
- Update to version 1.0.9
* Update github.com/prometheus/client_golang to 1.20.4
* Update github.com/prometheus/common to 0.59.1
* Update github.com/prometheus/exporter-toolkit to 0.13.0
* Migrate logging to log/slog
* Fix signal handler logging
golang-github-prometheus-alertmanager:
- Require gcc11-c++ for building with SLE 12
golang-github-prometheus-node_exporter:
- Require gcc11-c++ for building with SLE 12
golang-github-prometheus-prometheus:
- Security issues fixed:
* CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Update to 3.5.0 (jsc#PED-13824):
This is a Long-Term Support (LTS) release.
* [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.
* [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.
* [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).
* [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.
* [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.
- Update to 3.4.0:
* [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.
* [FEATURE] Native histograms are now a stable, but optional feature.
* [FEATURE] UI: Show detailed relabeling steps for each discovered target.
* [ENHANCEMENT] Alerting: Add 'unknown' state for alerting rules that haven't been evaluated yet.
* [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.
- Update to 3.3.0:
* [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.
* [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.
- Update to 3.2.0:
* [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).
* [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add
and Sub.
* [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN
threshold are now rejected.
- Update to 3.1.0:
* [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.
'created timestamp' (CT) is now called 'start timestamp' (ST).
* [BUGFIX] Mixin: Add static UID to the remote-write dashboard.
- Update to 3.0.1:
* [BUGFIX] Promql: Make subqueries left open.
* [BUGFIX] Fix memory leak when query log is enabled.
* [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.
- Update to 3.0.0:
This release includes new features such as a brand new UI and
UTF-8 support enabled by default.
* [CHANGE] Deprecated feature flags removed.
* [FEATURE] New UI.
* [FEATURE] Remote Write 2.0.
* [FEATURE] OpenTelemetry Support.
* [FEATURE] UTF-8 support is now stable and enabled by default.
* [FEATURE] OTLP Ingestion.
* [FEATURE] Native Histograms.
* [BUGFIX] PromQL: Fix count_values for histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] UI: Fix selector / series formatting for empty metric
names.
- Update to 2.55.0:
* [FEATURE] PromQL: Add `last_over_time` function.
* [FEATURE] Agent: Add `prometheus_agent_build_info` metric.
* [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.
* [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.
* [BUGFIX] Scrape: Fix a bug where a target could be scraped
multiple times.
- Update to 2.54.0:
This release brings a release candidate of a major new version of
Remote Write: 2.0.
* [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized
to 0.
* [CHANGE] API: Split warnings from info annotations in API response.
* [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
in WAL via feature flag.
* [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
operators.
* [ENHANCEMENT] PromQL: Accept underscores in literal numbers.
* [ENHANCEMENT] PromQL: float literal numbers and durations are
now interchangeable (experimental).
* [ENHANCEMENT] PromQL (experimental native histograms): Optimize
histogram_count and histogram_sum functions.
* [BUGFIX] PromQL: Fix various issues with native histograms.
* [BUGFIX] OTLP receiver: Allow colons in non-standard units.
- Require gcc11-c++ for building with SLE 12
grafana:
- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)
mgr-push:
- Version 5.1.5-0
* Non-customer-facing optimization and update
prometheus-blackbox_exporter:
- Non-customer-facing optimization and update
rhnlib:
- Version 5.1.4-0
* Non-customer-facing optimization and update
spacecmd:
- Version 5.1.12-0
* Fix spacecmd binary file upload (bsc#1253659)
* Fix typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to int (bsc#1251995)
* Fix methods in api namespace in spacecmd (bsc#1249532)
* Make caching code Py 2.7 compatible
* Use JSON instead of pickle for spacecmd
cache (bsc#1227579)
* Python 2.7 cannot re-raise exceptions
spacewalk-client-tools:
- Version 5.1.8-0
* Non-customer-facing optimization and update
supportutils-plugin-susemanager-client:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-common-libs:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-tools:
- Version 5.1.24-0
* Actually use the --dbupgrade-tag parameter when computing the
image URL (bsc#1249400)
* Handle CA files with symlinks during migration (bsc#1251044)
* Adjust traefik exposed configuration for chart v27+ (bsc#1247721)
* Fix systemd object initialization in server rename. (bsc#1250981)
* Add SSL secrets to the db setup container during migration. (bsc#1250976)
* Fix images handling in mgrpxy support ptf (bsc#1250940)
* Fix helm upgrade parameters (bsc#1253966)
* Detect custom apache and squid config in the /etc/uyuni/proxy folder
* Add ssh tuning to configure sshd (bsc#1253738)
* Move the SSL checks at the beginning of the migration
* Remove cgroup mount for podman containers (bsc#1253347)
* Convert the traefik install time to local time (bsc#1251138)
* During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)
* Read env var from http conf file (bsc#1253282)
* Add --registry-host, --registry-user and --registry-password
to pull images from an authenticate registry
* Deprecate --registry
* Unify backup create and restore dryrun option case
* Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)
* Always start database container even if enabled
* Remove extra ipv6 mapping and nftables workaround (bsc#1248848)
* Remove old PostgreSQL exporter environment file before migration
* Support config command parse correctly supportconfig output (bsc#1255781)
Patchnames: SUSE-2026-628,SUSE-MultiLinuxManagerTools-SLE-12-2026-628
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-boynux-squid_exporter:\n\n- Update to version 1.13.0 (jsc#PED-14971)\n - Add support for squid-internal-mgr path for metrics.\n- Update to version 1.12.0\n - Add TLS and basic authentication support for the web interface.\n- Update to version 1.11.0\n - Allow adding custom labels to all metrics.\n- Update to version 1.10.0\n - Add ability to configure the exporter using environment variables.\n - Add support for Squid 6\n - Add `squid_up` metric\n - Add `squid_scrape_duration_seconds` metric\n - Add `squid_scrape_error` metric\n- Update to version 1.9.0\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.\n- Update to version 1.8.0\n - Add various service time metrics to provide more detailed performance data.\n- Update to version 1.7.0\n - Add support for basic authentication against the Squid proxy.\n - Fix `squid_client_http_requests_total` metric\n- Upstream changes for v1.9.0:\n - Use `CAP_DAC_READ_SEARCH` capability to allow\n reading process information without running as root.\n- Upstream changes for v1.8.0:\n - Add various service time metrics to provide more detailed\n performance data.\n- Upstream changes for v1.7.0:\n Squid proxy.Update to version 1.10.0\n - Add ability to configure the exporter using environment\n variables.\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process\n information without running as root.\n - Add various service time metrics to provide more detailed\n performance data.\n - Add support for basic authentication against the Squid proxy.\n- Use current distro go default version. Use auto-versioning\n on SUSE as well.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Build without apparmor for openSUSE Leap 16, SLES 16 or newer\n- Update to version 1.0.10\n * Update github.com/prometheus/client_golang to 1.21.1\n * Update github.com/prometheus/common to 0.63.0\n * Update github.com/prometheus/exporter-toolkit to 0.14.0\n- Update to version 1.0.9\n * Update github.com/prometheus/client_golang to 1.20.4\n * Update github.com/prometheus/common to 0.59.1\n * Update github.com/prometheus/exporter-toolkit to 0.13.0\n * Migrate logging to log/slog\n * Fix signal handler logging\n\ngolang-github-prometheus-alertmanager:\n\n- Require gcc11-c++ for building with SLE 12\n\ngolang-github-prometheus-node_exporter:\n\n- Require gcc11-c++ for building with SLE 12\n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Update to 3.5.0 (jsc#PED-13824):\n This is a Long-Term Support (LTS) release.\n * [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.\n * [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.\n * [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).\n * [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.\n * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.\n- Update to 3.4.0:\n * [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.\n * [FEATURE] Native histograms are now a stable, but optional feature.\n * [FEATURE] UI: Show detailed relabeling steps for each discovered target.\n * [ENHANCEMENT] Alerting: Add \u0027unknown\u0027 state for alerting rules that haven\u0027t been evaluated yet.\n * [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.\n- Update to 3.3.0:\n * [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.\n * [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.\n- Update to 3.2.0:\n * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).\n * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add\n and Sub.\n * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN\n threshold are now rejected.\n- Update to 3.1.0:\n * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.\n \u0027created timestamp\u0027 (CT) is now called \u0027start timestamp\u0027 (ST).\n * [BUGFIX] Mixin: Add static UID to the remote-write dashboard.\n- Update to 3.0.1:\n * [BUGFIX] Promql: Make subqueries left open.\n * [BUGFIX] Fix memory leak when query log is enabled.\n * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.\n- Update to 3.0.0:\n This release includes new features such as a brand new UI and\n UTF-8 support enabled by default.\n * [CHANGE] Deprecated feature flags removed.\n * [FEATURE] New UI.\n * [FEATURE] Remote Write 2.0.\n * [FEATURE] OpenTelemetry Support.\n * [FEATURE] UTF-8 support is now stable and enabled by default.\n * [FEATURE] OTLP Ingestion.\n * [FEATURE] Native Histograms.\n * [BUGFIX] PromQL: Fix count_values for histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] UI: Fix selector / series formatting for empty metric\n names.\n- Update to 2.55.0:\n * [FEATURE] PromQL: Add `last_over_time` function.\n * [FEATURE] Agent: Add `prometheus_agent_build_info` metric.\n * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.\n * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.\n * [BUGFIX] Scrape: Fix a bug where a target could be scraped\n multiple times.\n- Update to 2.54.0:\n This release brings a release candidate of a major new version of\n Remote Write: 2.0.\n * [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized\n to 0.\n * [CHANGE] API: Split warnings from info annotations in API response.\n * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata\n in WAL via feature flag.\n * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation\n operators.\n * [ENHANCEMENT] PromQL: Accept underscores in literal numbers.\n * [ENHANCEMENT] PromQL: float literal numbers and durations are\n now interchangeable (experimental).\n * [ENHANCEMENT] PromQL (experimental native histograms): Optimize\n histogram_count and histogram_sum functions.\n * [BUGFIX] PromQL: Fix various issues with native histograms.\n * [BUGFIX] OTLP receiver: Allow colons in non-standard units.\n- Require gcc11-c++ for building with SLE 12\n\ngrafana:\n\n- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n\nmgr-push:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nprometheus-blackbox_exporter:\n\n- Non-customer-facing optimization and update\n\nrhnlib:\n\n- Version 5.1.4-0\n * Non-customer-facing optimization and update \n\nspacecmd:\n\n- Version 5.1.12-0\n * Fix spacecmd binary file upload (bsc#1253659)\n * Fix typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to int (bsc#1251995)\n * Fix methods in api namespace in spacecmd (bsc#1249532)\n * Make caching code Py 2.7 compatible\n * Use JSON instead of pickle for spacecmd\n cache (bsc#1227579)\n * Python 2.7 cannot re-raise exceptions\n\nspacewalk-client-tools:\n\n- Version 5.1.8-0\n * Non-customer-facing optimization and update\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-common-libs:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-tools:\n\n- Version 5.1.24-0\n * Actually use the --dbupgrade-tag parameter when computing the\n image URL (bsc#1249400)\n * Handle CA files with symlinks during migration (bsc#1251044)\n * Adjust traefik exposed configuration for chart v27+ (bsc#1247721)\n * Fix systemd object initialization in server rename. (bsc#1250981)\n * Add SSL secrets to the db setup container during migration. (bsc#1250976)\n * Fix images handling in mgrpxy support ptf (bsc#1250940)\n * Fix helm upgrade parameters (bsc#1253966)\n * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n * Add ssh tuning to configure sshd (bsc#1253738)\n * Move the SSL checks at the beginning of the migration\n * Remove cgroup mount for podman containers (bsc#1253347)\n * Convert the traefik install time to local time (bsc#1251138)\n * During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)\n * Read env var from http conf file (bsc#1253282)\n * Add --registry-host, --registry-user and --registry-password\n to pull images from an authenticate registry\n * Deprecate --registry\n * Unify backup create and restore dryrun option case\n * Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)\n * Always start database container even if enabled\n * Remove extra ipv6 mapping and nftables workaround (bsc#1248848)\n * Remove old PostgreSQL exporter environment file before migration\n * Support config command parse correctly supportconfig output (bsc#1255781)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-628,SUSE-MultiLinuxManagerTools-SLE-12-2026-628",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0628-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0628-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260628-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0628-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024392.html"
},
{
"category": "self",
"summary": "SUSE Bug 1227579",
"url": "https://bugzilla.suse.com/1227579"
},
{
"category": "self",
"summary": "SUSE Bug 1247644",
"url": "https://bugzilla.suse.com/1247644"
},
{
"category": "self",
"summary": "SUSE Bug 1247721",
"url": "https://bugzilla.suse.com/1247721"
},
{
"category": "self",
"summary": "SUSE Bug 1248848",
"url": "https://bugzilla.suse.com/1248848"
},
{
"category": "self",
"summary": "SUSE Bug 1249400",
"url": "https://bugzilla.suse.com/1249400"
},
{
"category": "self",
"summary": "SUSE Bug 1249532",
"url": "https://bugzilla.suse.com/1249532"
},
{
"category": "self",
"summary": "SUSE Bug 1250940",
"url": "https://bugzilla.suse.com/1250940"
},
{
"category": "self",
"summary": "SUSE Bug 1250976",
"url": "https://bugzilla.suse.com/1250976"
},
{
"category": "self",
"summary": "SUSE Bug 1250981",
"url": "https://bugzilla.suse.com/1250981"
},
{
"category": "self",
"summary": "SUSE Bug 1251044",
"url": "https://bugzilla.suse.com/1251044"
},
{
"category": "self",
"summary": "SUSE Bug 1251138",
"url": "https://bugzilla.suse.com/1251138"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253282",
"url": "https://bugzilla.suse.com/1253282"
},
{
"category": "self",
"summary": "SUSE Bug 1253347",
"url": "https://bugzilla.suse.com/1253347"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253738",
"url": "https://bugzilla.suse.com/1253738"
},
{
"category": "self",
"summary": "SUSE Bug 1253966",
"url": "https://bugzilla.suse.com/1253966"
},
{
"category": "self",
"summary": "SUSE Bug 1254478",
"url": "https://bugzilla.suse.com/1254478"
},
{
"category": "self",
"summary": "SUSE Bug 1255340",
"url": "https://bugzilla.suse.com/1255340"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1255781",
"url": "https://bugzilla.suse.com/1255781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68156/"
}
],
"title": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2026-02-25T09:44:32Z",
"generator": {
"date": "2026-02-25T09:44:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0628-1",
"initial_release_date": "2026-02-25T09:44:32Z",
"revision_history": [
{
"date": "2026-02-25T09:44:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.aarch64",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.aarch64",
"product_id": "grafana-11.5.10-120002.4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.aarch64",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.aarch64",
"product_id": "mgrctl-5.1.24-120002.3.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "mgr-push-5.1.5-120002.3.6.1.noarch",
"product": {
"name": "mgr-push-5.1.5-120002.3.6.1.noarch",
"product_id": "mgr-push-5.1.5-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"product_id": "mgrctl-lang-5.1.24-120002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"product": {
"name": "python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"product_id": "python2-mgr-push-5.1.5-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"product": {
"name": "python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"product_id": "python2-rhnlib-5.1.4-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product": {
"name": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product_id": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.1.12-120002.3.6.1.noarch",
"product": {
"name": "spacecmd-5.1.12-120002.3.6.1.noarch",
"product_id": "spacecmd-5.1.12-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product": {
"name": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"product_id": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.ppc64le",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.ppc64le",
"product_id": "grafana-11.5.10-120002.4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.ppc64le",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.ppc64le",
"product_id": "mgrctl-5.1.24-120002.3.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.s390x",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.s390x",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.s390x",
"product_id": "grafana-11.5.10-120002.4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.s390x",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.s390x",
"product_id": "mgrctl-5.1.24-120002.3.9.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.17.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-120002.4.9.1.x86_64",
"product": {
"name": "grafana-11.5.10-120002.4.9.1.x86_64",
"product_id": "grafana-11.5.10-120002.4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-120002.3.9.1.x86_64",
"product": {
"name": "mgrctl-5.1.24-120002.3.9.1.x86_64",
"product_id": "mgrctl-5.1.24-120002.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"product_id": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-120002.4.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64"
},
"product_reference": "grafana-11.5.10-120002.4.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.1.5-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch"
},
"product_reference": "mgr-push-5.1.5-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-120002.3.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64"
},
"product_reference": "mgrctl-5.1.24-120002.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.24-120002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-mgr-push-5.1.5-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch"
},
"product_reference": "python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-rhnlib-5.1.4-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch"
},
"product_reference": "python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
},
"product_reference": "python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64"
},
"product_reference": "python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.1.12-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch"
},
"product_reference": "spacecmd-5.1.12-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch"
},
"product_reference": "spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-12",
"product_id": "SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:44:32Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-68156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68156"
}
],
"notes": [
{
"category": "general",
"text": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse indefinitely until exceed the Go runtime stack limit. This results in a stack overflow panic, causing the host application to crash. While exploitability depends on whether an attacker can influence or inject cyclic or pathologically deep data into the\nevaluation environment, this behavior represents a denial-of-service (DoS) risk and affects overall library robustness. Instead of returning a recoverable evaluation error, the process may terminate unexpectedly. In affected versions, evaluation of expressions that invoke certain builtin functions on untrusted or insufficiently validated data structures can lead to a process-level crash due to stack exhaustion. This issue is most relevant in scenarios where Expr is used to evaluate expressions against externally supplied or dynamically constructed environments; cyclic references (directly or indirectly) can be introduced into arrays, maps, or structs; and there are no application-level safeguards preventing deeply nested input data. In typical use cases with controlled, acyclic data, the issue may not manifest. However, when present, the resulting panic can be used to reliably crash the application, constituting a denial of service. The issue has been fixed in the v1.17.7 versions of Expr. The patch introduces a maximum recursion depth limit for affected builtin functions. When this limit is exceeded, evaluation aborts gracefully and returns a descriptive error instead of panicking. Additionally, the maximum depth can be customized by users via `builtin.MaxDepth`, allowing applications with legitimate deep structures to raise the limit in a controlled manner. Users are strongly encouraged to upgrade to the patched release, which includes both the recursion guard and comprehensive test coverage to prevent regressions. For users who cannot immediately upgrade, some mitigations are recommended. Ensure that evaluation environments cannot contain cyclic references, validate or sanitize externally supplied data structures before passing them to Expr, and/or wrap expression evaluation with panic recovery to prevent a full process crash (as a last-resort defensive measure). These workarounds reduce risk but do not fully eliminate the issue without the patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68156",
"url": "https://www.suse.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "SUSE Bug 1255330 for CVE-2025-68156",
"url": "https://bugzilla.suse.com/1255330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-QubitProducts-exporter_exporter-0.4.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-boynux-squid_exporter-1.13.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-lusitaniae-apache_exporter-1.0.10-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-alertmanager-0.28.1-120002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-node_exporter-1.9.1-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:golang-github-prometheus-prometheus-3.5.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:grafana-11.5.10-120002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-5.1.24-120002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-bash-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-lang-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:mgrctl-zsh-completion-5.1.24-120002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:prometheus-blackbox_exporter-0.26.0-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:python2-mgr-push-5.1.5-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-rhnlib-5.1.4-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-12:python2-uyuni-common-libs-5.1.5-120002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-12:spacecmd-5.1.12-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:spacewalk-client-tools-5.1.8-120002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-12:supportutils-plugin-susemanager-client-5.1.5-120002.3.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:44:32Z",
"details": "important"
}
],
"title": "CVE-2025-68156"
}
]
}
SUSE-SU-2026:0630-1
Vulnerability from csaf_suse - Published: 2026-02-25 09:46 - Updated: 2026-02-25 09:46Summary
Security update 5.1.2 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.1.2 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
dracut-saltboot:
- Update to version 1.1.0
* Retry DHCP requests up to 3 times (bsc#1253004)
golang-github-QubitProducts-exporter_exporter:
- Non-customer-facing optimization around source building
golang-github-boynux-squid_exporter:
- Update to version 1.13.0 (jsc#PED-14971)
- Add support for squid-internal-mgr path for metrics.
- Update to version 1.12.0
- Add TLS and basic authentication support for the web interface.
- Update to version 1.11.0
- Allow adding custom labels to all metrics.
- Update to version 1.10.0
- Add ability to configure the exporter using environment variables.
- Add support for Squid 6
- Add `squid_up` metric
- Add `squid_scrape_duration_seconds` metric
- Add `squid_scrape_error` metric
- Update to version 1.9.0
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.
- Update to version 1.8.0
- Add various service time metrics to provide more detailed performance data.
- Update to version 1.7.0
- Add support for basic authentication against the Squid proxy.
- Fix `squid_client_http_requests_total` metric
- Upstream changes for v1.9.0:
- Use `CAP_DAC_READ_SEARCH` capability to allow
reading process information without running as root.
- Upstream changes for v1.8.0:
- Add various service time metrics to provide more detailed
performance data.
- Upstream changes for v1.7.0:
Squid proxy.Update to version 1.10.0
- Add ability to configure the exporter using environment
variables.
- Add `process_open_fds` metric to monitor open file descriptors.
- Use `CAP_DAC_READ_SEARCH` capability to allow reading process
information without running as root.
- Add various service time metrics to provide more detailed
performance data.
- Add support for basic authentication against the Squid proxy.
- Use current distro go default version. Use auto-versioning
on SUSE as well.
golang-github-lusitaniae-apache_exporter:
- Build without apparmor for openSUSE Leap 16, SLES 16 or newer
- Require Go 1.23 for building
- Update to version 1.0.10
* Update github.com/prometheus/client_golang to 1.21.1
* Update github.com/prometheus/common to 0.63.0
* Update github.com/prometheus/exporter-toolkit to 0.14.0
- Update to version 1.0.9
* Update github.com/prometheus/client_golang to 1.20.4
* Update github.com/prometheus/common to 0.59.1
* Update github.com/prometheus/exporter-toolkit to 0.13.0
* Migrate logging to log/slog
* Fix signal handler logging
golang-github-prometheus-alertmanager:
- Non-customer-facing optimization around source building
golang-github-prometheus-node_exporter:
- Non-customer-facing optimization around source building
golang-github-prometheus-prometheus:
- CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Update to 3.5.0 (jsc#PED-13824):
This is a Long-Term Support (LTS) release.
* [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.
* [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.
* [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).
* [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.
* [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.
- Update to 3.4.0:
* [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.
* [FEATURE] Native histograms are now a stable, but optional feature.
* [FEATURE] UI: Show detailed relabeling steps for each discovered target.
* [ENHANCEMENT] Alerting: Add 'unknown' state for alerting rules that haven't been evaluated yet.
* [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.
- Update to 3.3.0:
* [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.
* [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.
- Update to 3.2.0:
* [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).
* [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add
and Sub.
* [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN
threshold are now rejected.
- Update to 3.1.0:
* [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.
'created timestamp' (CT) is now called 'start timestamp' (ST).
* [BUGFIX] Mixin: Add static UID to the remote-write dashboard.
- Update to 3.0.1:
* [BUGFIX] Promql: Make subqueries left open.
* [BUGFIX] Fix memory leak when query log is enabled.
* [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.
- Update to 3.0.0:
This release includes new features such as a brand new UI and
UTF-8 support enabled by default.
* [CHANGE] Deprecated feature flags removed.
* [FEATURE] New UI.
* [FEATURE] Remote Write 2.0.
* [FEATURE] OpenTelemetry Support.
* [FEATURE] UTF-8 support is now stable and enabled by default.
* [FEATURE] OTLP Ingestion.
* [FEATURE] Native Histograms.
* [BUGFIX] PromQL: Fix count_values for histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] UI: Fix selector / series formatting for empty metric
names.
- Update to 2.55.0:
* [FEATURE] PromQL: Add `last_over_time` function.
* [FEATURE] Agent: Add `prometheus_agent_build_info` metric.
* [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.
* [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.
* [BUGFIX] Scrape: Fix a bug where a target could be scraped
multiple times.
- Update to 2.54.0:
This release brings a release candidate of a major new version of
Remote Write: 2.0.
* [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized to 0.
* [CHANGE] API: Split warnings from info annotations in API response.
* [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
in WAL via feature flag.
* [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
operators.
* [ENHANCEMENT] PromQL: Accept underscores in literal numbers.
* [ENHANCEMENT] PromQL: float literal numbers and durations are
now interchangeable (experimental).
* [ENHANCEMENT] PromQL (experimental native histograms): Optimize
histogram_count and histogram_sum functions.
* [BUGFIX] PromQL: Fix various issues with native histograms.
* [BUGFIX] OTLP receiver: Allow colons in non-standard units.
grafana:
- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)
mgr-push:
- Version 5.1.5-0
* Non-customer-facing optimization and update
prometheus-blackbox_exporter:
* Non-customer-facing optimization and update
rhnlib:
- Version 5.1.4-0
* Non-customer-facing optimization and update
spacecmd:
- Version 5.1.12-0
* Fix spacecmd binary file upload (bsc#1253659)
* Fix typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to int (bsc#1251995)
* Fix methods in api namespace in spacecmd (bsc#1249532)
* Make caching code Py 2.7 compatible
* Use JSON instead of pickle for spacecmd cache (bsc#1227579)
* Python 2.7 cannot re-raise exceptions
spacewalk-client-tools:
- Version 5.1.8-0
* Non-customer-facing optimization and update
supportutils-plugin-susemanager-client:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-common-libs:
- Version 5.1.5-0
* Non-customer-facing optimization and update
uyuni-tools:
- Version 5.1.24-0
* Actually use the --dbupgrade-tag parameter when computing the
image URL (bsc#1249400)
* Handle CA files with symlinks during migration (bsc#1251044)
* Adjust traefik exposed configuration for chart v27+ (bsc#1247721)
* Fix systemd object initialization in server rename. (bsc#1250981)
* Add SSL secrets to the db setup container during migration. (bsc#1250976)
* Fix images handling in mgrpxy support ptf (bsc#1250940)
* Fix helm upgrade parameters (bsc#1253966)
* Detect custom apache and squid config in the /etc/uyuni/proxy folder
* Add ssh tuning to configure sshd (bsc#1253738)
* Move the SSL checks at the beginning of the migration
* Remove cgroup mount for podman containers (bsc#1253347)
* Convert the traefik install time to local time (bsc#1251138)
* During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)
* Read env var from http conf file (bsc#1253282)
* Add --registry-host, --registry-user and --registry-password
to pull images from an authenticate registry
* Deprecate --registry
* Unify backup create and restore dryrun option case
* Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)
* Always start database container even if enabled
* Remove extra ipv6 mapping and nftables workaround (bsc#1248848)
* Remove old PostgreSQL exporter environment file before migration
* Support config command parse correctly supportconfig output (bsc#1255781)
Patchnames: SUSE-2026-630,SUSE-MultiLinuxManagerTools-SLE-15-2026-630,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2026-630
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ndracut-saltboot:\n\n- Update to version 1.1.0\n * Retry DHCP requests up to 3 times (bsc#1253004) \n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-boynux-squid_exporter:\n\n- Update to version 1.13.0 (jsc#PED-14971)\n - Add support for squid-internal-mgr path for metrics.\n- Update to version 1.12.0\n - Add TLS and basic authentication support for the web interface.\n- Update to version 1.11.0\n - Allow adding custom labels to all metrics.\n- Update to version 1.10.0\n - Add ability to configure the exporter using environment variables.\n - Add support for Squid 6\n - Add `squid_up` metric\n - Add `squid_scrape_duration_seconds` metric\n - Add `squid_scrape_error` metric\n- Update to version 1.9.0\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process information without running as root.\n- Update to version 1.8.0\n - Add various service time metrics to provide more detailed performance data.\n- Update to version 1.7.0\n - Add support for basic authentication against the Squid proxy.\n - Fix `squid_client_http_requests_total` metric\n- Upstream changes for v1.9.0:\n - Use `CAP_DAC_READ_SEARCH` capability to allow\n reading process information without running as root.\n- Upstream changes for v1.8.0:\n - Add various service time metrics to provide more detailed\n performance data.\n- Upstream changes for v1.7.0:\n Squid proxy.Update to version 1.10.0\n - Add ability to configure the exporter using environment\n variables.\n - Add `process_open_fds` metric to monitor open file descriptors.\n - Use `CAP_DAC_READ_SEARCH` capability to allow reading process\n information without running as root.\n - Add various service time metrics to provide more detailed\n performance data.\n - Add support for basic authentication against the Squid proxy.\n- Use current distro go default version. Use auto-versioning\n on SUSE as well.\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Build without apparmor for openSUSE Leap 16, SLES 16 or newer\n- Require Go 1.23 for building\n- Update to version 1.0.10\n * Update github.com/prometheus/client_golang to 1.21.1\n * Update github.com/prometheus/common to 0.63.0\n * Update github.com/prometheus/exporter-toolkit to 0.14.0\n- Update to version 1.0.9\n * Update github.com/prometheus/client_golang to 1.20.4\n * Update github.com/prometheus/common to 0.59.1\n * Update github.com/prometheus/exporter-toolkit to 0.13.0\n * Migrate logging to log/slog\n * Fix signal handler logging\n\ngolang-github-prometheus-alertmanager:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-prometheus-node_exporter:\n\n- Non-customer-facing optimization around source building\n\ngolang-github-prometheus-prometheus:\n\n- CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n- Update to 3.5.0 (jsc#PED-13824):\n This is a Long-Term Support (LTS) release.\n * [FEATURE] Remote-write: Add support for Azure Workload Identity as an authentication method for the receiver.\n * [FEATURE] PromQL: Add first_over_time(...) and ts_of_first_over_time(...) behind feature flag.\n * [FEATURE] Federation: Add support for native histograms with custom buckets (NHCB).\n * [ENHANCEMENT] PromQL: Add warn-level annotations for counter reset conflicts in certain histogram operations.\n * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to targets page.\n- Update to 3.4.0:\n * [FEATURE] SD: Add unified AWS service discovery for ec2, lightsail and ecs services.\n * [FEATURE] Native histograms are now a stable, but optional feature.\n * [FEATURE] UI: Show detailed relabeling steps for each discovered target.\n * [ENHANCEMENT] Alerting: Add \u0027unknown\u0027 state for alerting rules that haven\u0027t been evaluated yet.\n * [BUGFIX] Scrape: Fix a bug where scrape cache would not be cleared on startup.\n- Update to 3.3.0:\n * [FEATURE] Spring Boot 3.3 includes support for the Prometheus Client 1.x.\n * [ENHANCEMENT] Dependency management for Dropwizard Metrics has been removed.\n- Update to 3.2.0:\n * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).\n * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add\n and Sub.\n * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN\n threshold are now rejected.\n- Update to 3.1.0:\n * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.\n \u0027created timestamp\u0027 (CT) is now called \u0027start timestamp\u0027 (ST).\n * [BUGFIX] Mixin: Add static UID to the remote-write dashboard.\n- Update to 3.0.1:\n * [BUGFIX] Promql: Make subqueries left open.\n * [BUGFIX] Fix memory leak when query log is enabled.\n * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.\n- Update to 3.0.0:\n This release includes new features such as a brand new UI and\n UTF-8 support enabled by default.\n * [CHANGE] Deprecated feature flags removed.\n * [FEATURE] New UI.\n * [FEATURE] Remote Write 2.0.\n * [FEATURE] OpenTelemetry Support.\n * [FEATURE] UTF-8 support is now stable and enabled by default.\n * [FEATURE] OTLP Ingestion.\n * [FEATURE] Native Histograms.\n * [BUGFIX] PromQL: Fix count_values for histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] UI: Fix selector / series formatting for empty metric\n names.\n- Update to 2.55.0:\n * [FEATURE] PromQL: Add `last_over_time` function.\n * [FEATURE] Agent: Add `prometheus_agent_build_info` metric.\n * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.\n * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.\n * [BUGFIX] Scrape: Fix a bug where a target could be scraped\n multiple times.\n- Update to 2.54.0:\n This release brings a release candidate of a major new version of\n Remote Write: 2.0.\n * [CHANGE] Remote-Write: highest_timestamp_in_seconds and queue_highest_sent_timestamp_seconds metrics now initialized to 0.\n * [CHANGE] API: Split warnings from info annotations in API response.\n * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata\n in WAL via feature flag.\n * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation\n operators.\n * [ENHANCEMENT] PromQL: Accept underscores in literal numbers.\n * [ENHANCEMENT] PromQL: float literal numbers and durations are\n now interchangeable (experimental).\n * [ENHANCEMENT] PromQL (experimental native histograms): Optimize\n histogram_count and histogram_sum functions.\n * [BUGFIX] PromQL: Fix various issues with native histograms.\n * [BUGFIX] OTLP receiver: Allow colons in non-standard units.\n\ngrafana:\n\n- CVE-2025-68156: Fix potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n\nmgr-push:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nprometheus-blackbox_exporter:\n\n* Non-customer-facing optimization and update\n\nrhnlib:\n\n- Version 5.1.4-0\n * Non-customer-facing optimization and update\n\nspacecmd:\n\n- Version 5.1.12-0\n * Fix spacecmd binary file upload (bsc#1253659)\n * Fix typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to int (bsc#1251995)\n * Fix methods in api namespace in spacecmd (bsc#1249532)\n * Make caching code Py 2.7 compatible\n * Use JSON instead of pickle for spacecmd cache (bsc#1227579)\n * Python 2.7 cannot re-raise exceptions\n\nspacewalk-client-tools:\n\n- Version 5.1.8-0\n * Non-customer-facing optimization and update\n\nsupportutils-plugin-susemanager-client:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-common-libs:\n\n- Version 5.1.5-0\n * Non-customer-facing optimization and update\n\nuyuni-tools:\n\n- Version 5.1.24-0\n * Actually use the --dbupgrade-tag parameter when computing the\n image URL (bsc#1249400)\n * Handle CA files with symlinks during migration (bsc#1251044)\n * Adjust traefik exposed configuration for chart v27+ (bsc#1247721)\n * Fix systemd object initialization in server rename. (bsc#1250981)\n * Add SSL secrets to the db setup container during migration. (bsc#1250976)\n * Fix images handling in mgrpxy support ptf (bsc#1250940)\n * Fix helm upgrade parameters (bsc#1253966)\n * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n * Add ssh tuning to configure sshd (bsc#1253738)\n * Move the SSL checks at the beginning of the migration\n * Remove cgroup mount for podman containers (bsc#1253347)\n * Convert the traefik install time to local time (bsc#1251138)\n * During migration, krb5.conf.d should be copied in /etc/rhn (bsc#1254478)\n * Read env var from http conf file (bsc#1253282)\n * Add --registry-host, --registry-user and --registry-password\n to pull images from an authenticate registry\n * Deprecate --registry\n * Unify backup create and restore dryrun option case\n * Fix calling of squid -z in mgrpxy cache clear (bsc#1247644)\n * Always start database container even if enabled\n * Remove extra ipv6 mapping and nftables workaround (bsc#1248848)\n * Remove old PostgreSQL exporter environment file before migration\n * Support config command parse correctly supportconfig output (bsc#1255781)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-630,SUSE-MultiLinuxManagerTools-SLE-15-2026-630,SUSE-MultiLinuxManagerTools-SLE-Micro-5-2026-630",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0630-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0630-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260630-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0630-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024390.html"
},
{
"category": "self",
"summary": "SUSE Bug 1227579",
"url": "https://bugzilla.suse.com/1227579"
},
{
"category": "self",
"summary": "SUSE Bug 1247644",
"url": "https://bugzilla.suse.com/1247644"
},
{
"category": "self",
"summary": "SUSE Bug 1247721",
"url": "https://bugzilla.suse.com/1247721"
},
{
"category": "self",
"summary": "SUSE Bug 1248848",
"url": "https://bugzilla.suse.com/1248848"
},
{
"category": "self",
"summary": "SUSE Bug 1249400",
"url": "https://bugzilla.suse.com/1249400"
},
{
"category": "self",
"summary": "SUSE Bug 1249532",
"url": "https://bugzilla.suse.com/1249532"
},
{
"category": "self",
"summary": "SUSE Bug 1250940",
"url": "https://bugzilla.suse.com/1250940"
},
{
"category": "self",
"summary": "SUSE Bug 1250976",
"url": "https://bugzilla.suse.com/1250976"
},
{
"category": "self",
"summary": "SUSE Bug 1250981",
"url": "https://bugzilla.suse.com/1250981"
},
{
"category": "self",
"summary": "SUSE Bug 1251044",
"url": "https://bugzilla.suse.com/1251044"
},
{
"category": "self",
"summary": "SUSE Bug 1251138",
"url": "https://bugzilla.suse.com/1251138"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1253004",
"url": "https://bugzilla.suse.com/1253004"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253282",
"url": "https://bugzilla.suse.com/1253282"
},
{
"category": "self",
"summary": "SUSE Bug 1253347",
"url": "https://bugzilla.suse.com/1253347"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253738",
"url": "https://bugzilla.suse.com/1253738"
},
{
"category": "self",
"summary": "SUSE Bug 1253966",
"url": "https://bugzilla.suse.com/1253966"
},
{
"category": "self",
"summary": "SUSE Bug 1254478",
"url": "https://bugzilla.suse.com/1254478"
},
{
"category": "self",
"summary": "SUSE Bug 1255340",
"url": "https://bugzilla.suse.com/1255340"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1255781",
"url": "https://bugzilla.suse.com/1255781"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68156/"
}
],
"title": "Security update 5.1.2 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2026-02-25T09:46:12Z",
"generator": {
"date": "2026-02-25T09:46:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0630-1",
"initial_release_date": "2026-02-25T09:46:12Z",
"revision_history": [
{
"date": "2026-02-25T09:46:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.aarch64",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.aarch64",
"product_id": "grafana-11.5.10-150002.4.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"product_id": "mgrctl-5.1.24-150002.3.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"product": {
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"product_id": "dracut-saltboot-1.1.0-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "mgr-push-5.1.5-150002.3.6.2.noarch",
"product": {
"name": "mgr-push-5.1.5-150002.3.6.2.noarch",
"product_id": "mgr-push-5.1.5-150002.3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"product": {
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"product_id": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"product": {
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"product_id": "mgrctl-lang-5.1.24-150002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"product_id": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"product": {
"name": "python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"product_id": "python3-mgr-push-5.1.5-150002.3.6.2.noarch"
}
},
{
"category": "product_version",
"name": "python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"product": {
"name": "python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"product_id": "python3-rhnlib-5.1.4-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product": {
"name": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product_id": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.1.12-150002.3.6.1.noarch",
"product": {
"name": "spacecmd-5.1.12-150002.3.6.1.noarch",
"product_id": "spacecmd-5.1.12-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product": {
"name": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"product_id": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
}
},
{
"category": "product_version",
"name": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"product": {
"name": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"product_id": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.ppc64le",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.ppc64le",
"product_id": "grafana-11.5.10-150002.4.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"product_id": "mgrctl-5.1.24-150002.3.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.s390x",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.s390x",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.s390x",
"product_id": "grafana-11.5.10-150002.4.9.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.s390x",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.s390x",
"product_id": "mgrctl-5.1.24-150002.3.9.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.17.0-150002.3.4.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.5.10-150002.4.9.1.x86_64",
"product": {
"name": "grafana-11.5.10-150002.4.9.1.x86_64",
"product_id": "grafana-11.5.10-150002.4.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"product": {
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"product_id": "mgrctl-5.1.24-150002.3.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product": {
"name": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product_id": "python2-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"product_id": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15"
}
},
{
"category": "product_name",
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product": {
"name": "SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.5.10-150002.4.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64"
},
"product_reference": "grafana-11.5.10-150002.4.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgr-push-5.1.5-150002.3.6.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch"
},
"product_reference": "mgr-push-5.1.5-150002.3.6.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-mgr-push-5.1.5-150002.3.6.2.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch"
},
"product_reference": "python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-rhnlib-5.1.4-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch"
},
"product_reference": "python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
},
"product_reference": "python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64"
},
"product_reference": "python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.1.12-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch"
},
"product_reference": "spacecmd-5.1.12-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch"
},
"product_reference": "spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-15",
"product_id": "SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch"
},
"product_reference": "supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150002.3.6.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-5.1.24-150002.3.9.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64"
},
"product_reference": "mgrctl-5.1.24-150002.3.9.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64 as component of SUSE Multi Linux Manager Tools SLE-Micro-5",
"product_id": "SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Multi Linux Manager Tools SLE-Micro-5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:46:12Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-68156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68156"
}
],
"notes": [
{
"category": "general",
"text": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse indefinitely until exceed the Go runtime stack limit. This results in a stack overflow panic, causing the host application to crash. While exploitability depends on whether an attacker can influence or inject cyclic or pathologically deep data into the\nevaluation environment, this behavior represents a denial-of-service (DoS) risk and affects overall library robustness. Instead of returning a recoverable evaluation error, the process may terminate unexpectedly. In affected versions, evaluation of expressions that invoke certain builtin functions on untrusted or insufficiently validated data structures can lead to a process-level crash due to stack exhaustion. This issue is most relevant in scenarios where Expr is used to evaluate expressions against externally supplied or dynamically constructed environments; cyclic references (directly or indirectly) can be introduced into arrays, maps, or structs; and there are no application-level safeguards preventing deeply nested input data. In typical use cases with controlled, acyclic data, the issue may not manifest. However, when present, the resulting panic can be used to reliably crash the application, constituting a denial of service. The issue has been fixed in the v1.17.7 versions of Expr. The patch introduces a maximum recursion depth limit for affected builtin functions. When this limit is exceeded, evaluation aborts gracefully and returns a descriptive error instead of panicking. Additionally, the maximum depth can be customized by users via `builtin.MaxDepth`, allowing applications with legitimate deep structures to raise the limit in a controlled manner. Users are strongly encouraged to upgrade to the patched release, which includes both the recursion guard and comprehensive test coverage to prevent regressions. For users who cannot immediately upgrade, some mitigations are recommended. Ensure that evaluation environments cannot contain cyclic references, validate or sanitize externally supplied data structures before passing them to Expr, and/or wrap expression evaluation with panic recovery to prevent a full process crash (as a last-resort defensive measure). These workarounds reduce risk but do not fully eliminate the issue without the patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68156",
"url": "https://www.suse.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "SUSE Bug 1255330 for CVE-2025-68156",
"url": "https://bugzilla.suse.com/1255330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Multi Linux Manager Tools SLE-15:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:firewalld-prometheus-config-0.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-boynux-squid_exporter-1.13.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-lusitaniae-apache_exporter-1.0.10-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-alertmanager-0.28.1-150002.4.6.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:golang-github-prometheus-prometheus-3.5.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:grafana-11.5.10-150002.4.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:python3-mgr-push-5.1.5-150002.3.6.2.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-rhnlib-5.1.4-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-15:python3-uyuni-common-libs-5.1.5-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-15:spacecmd-5.1.12-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:spacewalk-client-tools-5.1.8-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-15:supportutils-plugin-susemanager-client-5.1.5-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:dracut-saltboot-1.1.0-150002.3.6.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-QubitProducts-exporter_exporter-0.4.0-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:golang-github-prometheus-node_exporter-1.9.1-150002.3.3.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-5.1.24-150002.3.9.1.x86_64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-bash-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-lang-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:mgrctl-zsh-completion-5.1.24-150002.3.9.1.noarch",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.aarch64",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.ppc64le",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.s390x",
"SUSE Multi Linux Manager Tools SLE-Micro-5:prometheus-blackbox_exporter-0.26.0-150002.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-25T09:46:12Z",
"details": "important"
}
],
"title": "CVE-2025-68156"
}
]
}
SUSE-SU-2026:1013-1
Vulnerability from csaf_suse - Published: 2026-03-25 10:11 - Updated: 2026-03-25 10:11Summary
Security update 5.0.7 for Multi-Linux Manager Client Tools
Severity
Important
Notes
Title of the patch: Security update 5.0.7 for Multi-Linux Manager Client Tools
Description of the patch: This update fixes the following issues:
dracut-saltboot:
- Version update to 1.1.0:
* Retry DHCP requests up to 3 times (bsc#1253004)
golang-github-QubitProducts-exporter_exporter:
- Non-customer-facing optimization and update
golang-github-boynux-squid_exporter:
- Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes (jsc#PED-14971):
* Added compatibility for Squid 6 and support for the squid-internal-mgr metrics path
* Added TLS and Basic Authentication to the exporter’s web interface
* Added support for the exporter to authenticate against the Squid proxy itself
* Allow the gathering of process information without requiring root privileges
* The exporter can now be configured using environment variables
* Added support for custom labels to all exported metrics for better data filtering
* New metrics to track if Squid is running (squid_up), how long a scrape takes, and if any errors occurred
* Added 'service time' metrics to analyze proxy speed and performance.
* Added a metric for open file descriptors (process_open_fds) to help prevent connection bottlenecks
* Corrected the squid_client_http_requests_total metric to ensure accurate reporting
golang-github-lusitaniae-apache_exporter:
- Version update from 1.0.8 to 1.0.10:
* Updated github.com/prometheus/client_golang to 1.21.1
* Updated github.com/prometheus/common to 0.63.0
* Updated github.com/prometheus/exporter-toolkit to 0.14.0
* Fixed signal handler logging
golang-github-prometheus-prometheus:
- Security issues fixed:
* CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)
* CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)
* CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)
* CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)
* CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):
* Modernized Interface: Introduced a brand-new UI
* Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support
for more secure, native cloudauthentication.
* Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental
to a stable feature.
* Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending
data to external systems.
* Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping
operations
* Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier
to troubleshoot why targets aren't reporting correctly.
* Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were
accidentally being scraped multiple times
grafana:
- Security issues fixed:
* CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled (bsc#1258136)
* CVE-2026-21721: Fixed access control by the dashboard permissions API (bsc#1257337)
* CVE-2026-21720: Fixed unauthenticated DoS (bsc#1257349)
* CVE-2025-68156: Fixed potential DoS via unbounded recursion in builtin functions (bsc#1255340)
* CVE-2025-3415: Fixedexposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)
- Version update from 11.5.10 to 11.6.11 with the following highlighted changes and fixes:
* Performance Boost: Introduced WebGL-powered geomaps for smoother map visualizations and
removed blurred backgrounds from UI overlays to speed up the interface
* One-Click Actions: Visualizations now support faster navigation via one-click links and actions
* Alerting History: Added version history for alert rules, allowing you to track changes over time
* Service Accounts: Automated the migration of old API keys to more secure Service Accounts upon startup
* Cron Support: Annotations now support Cron syntax for more flexible scheduling
* Identity and Auth: Hardened the Avatar feature (now requires sign-in) and fixed several login redirection issues
when Grafana is hosted on a subpath
* Data Source Support: Added support for Cloud Partner Prometheus data sources and improved Azure legend formatting
* Alerting Limits: Added size limits for expanded notification templates to prevent system strain
* RBAC: Integrated Role-Based Access Control (RBAC) into the Alertmanager via the reqAction field
* Data Consistency: Fixed several issues with Graphite and InfluxDB regarding how variables are handled in repeated
rows or nested queries
* Dashboard Reliability: Resolved bugs involving row repeats and 'self-referencing' data links
* Alerting Fixes: Patched a critical 'panic' (crash) caused by a race condition in alert rules and fixed issues where
contact points weren't working correctly
* URL Handling: Fixed a bug where 'true' values in URL parameters weren't being read correctly
prometheus-blackbox_exporter:
- Non-customer-facing optimization and update
spacecmd:
- Version update to 5.0.15:
* Fixed typo in spacecmd help ca-cert flag (bsc#1253174)
* Convert cached IDs to integer values (bsc#1251995)
* Fixed spacecmd binary file upload (bsc#1253659)
uyuni-tools:
- Version update to 0.1.38:
* Fixed cobbler configuration when migrating to standalone files (bsc#1256803)
* Detect custom apache and squid config in the /etc/uyuni/proxy folder
* Add ssh tuning to configure sshd (bsc#1253738)
* Ignore supportconfig errors (bsc#1255781)
* Bumped the default image tag to 5.0.7
* Removed cgroup mount for podman containers (bsc#1253347)
* Registry flag can be a string (bsc#1254589)
* Use static supportconfig name to avoid dynamic search (bsc#1257941)
Patchnames: SUSE-2026-1013,SUSE-SLE-Manager-Tools-15-2026-1013,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1013,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1013,openSUSE-SLE-15.6-2026-1013
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update 5.0.7 for Multi-Linux Manager Client Tools",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update fixes the following issues:\n\ndracut-saltboot:\n\n- Version update to 1.1.0:\n\n * Retry DHCP requests up to 3 times (bsc#1253004)\n\ngolang-github-QubitProducts-exporter_exporter:\n\n- Non-customer-facing optimization and update\n\ngolang-github-boynux-squid_exporter:\n\n- Version update from 1.6.0 to 1.13.0 with the following highlighted changes and fixes (jsc#PED-14971):\n\n * Added compatibility for Squid 6 and support for the squid-internal-mgr metrics path\n * Added TLS and Basic Authentication to the exporter\u2019s web interface\n * Added support for the exporter to authenticate against the Squid proxy itself\n * Allow the gathering of process information without requiring root privileges\n * The exporter can now be configured using environment variables\n * Added support for custom labels to all exported metrics for better data filtering\n * New metrics to track if Squid is running (squid_up), how long a scrape takes, and if any errors occurred\n * Added \u0027service time\u0027 metrics to analyze proxy speed and performance.\n * Added a metric for open file descriptors (process_open_fds) to help prevent connection bottlenecks\n * Corrected the squid_client_http_requests_total metric to ensure accurate reporting\n\n\ngolang-github-lusitaniae-apache_exporter:\n\n- Version update from 1.0.8 to 1.0.10:\n\n * Updated github.com/prometheus/client_golang to 1.21.1\n * Updated github.com/prometheus/common to 0.63.0\n * Updated github.com/prometheus/exporter-toolkit to 0.14.0\n * Fixed signal handler logging\n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n\n * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)\n * CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)\n * CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)\n * CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)\n * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):\n\n * Modernized Interface: Introduced a brand-new UI\n * Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support\n for more secure, native cloudauthentication.\n * Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental\n to a stable feature.\n * Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending\n data to external systems.\n * Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping\n operations\n * Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier\n to troubleshoot why targets aren\u0027t reporting correctly.\n * Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were\n accidentally being scraped multiple times\n\ngrafana:\n\n- Security issues fixed:\n\n * CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled (bsc#1258136)\n * CVE-2026-21721: Fixed access control by the dashboard permissions API (bsc#1257337)\n * CVE-2026-21720: Fixed unauthenticated DoS (bsc#1257349)\n * CVE-2025-68156: Fixed potential DoS via unbounded recursion in builtin functions (bsc#1255340)\n * CVE-2025-3415: Fixedexposure of DingDing alerting integration URL to Viewer level users (bsc#1245302)\n\n- Version update from 11.5.10 to 11.6.11 with the following highlighted changes and fixes:\n \n * Performance Boost: Introduced WebGL-powered geomaps for smoother map visualizations and\n removed blurred backgrounds from UI overlays to speed up the interface\n * One-Click Actions: Visualizations now support faster navigation via one-click links and actions\n * Alerting History: Added version history for alert rules, allowing you to track changes over time\n * Service Accounts: Automated the migration of old API keys to more secure Service Accounts upon startup\n * Cron Support: Annotations now support Cron syntax for more flexible scheduling\n * Identity and Auth: Hardened the Avatar feature (now requires sign-in) and fixed several login redirection issues\n when Grafana is hosted on a subpath\n * Data Source Support: Added support for Cloud Partner Prometheus data sources and improved Azure legend formatting\n * Alerting Limits: Added size limits for expanded notification templates to prevent system strain\n * RBAC: Integrated Role-Based Access Control (RBAC) into the Alertmanager via the reqAction field\n * Data Consistency: Fixed several issues with Graphite and InfluxDB regarding how variables are handled in repeated\n rows or nested queries\n * Dashboard Reliability: Resolved bugs involving row repeats and \u0027self-referencing\u0027 data links\n * Alerting Fixes: Patched a critical \u0027panic\u0027 (crash) caused by a race condition in alert rules and fixed issues where\n contact points weren\u0027t working correctly\n * URL Handling: Fixed a bug where \u0027true\u0027 values in URL parameters weren\u0027t being read correctly\n\nprometheus-blackbox_exporter:\n\n- Non-customer-facing optimization and update\n\nspacecmd:\n\n- Version update to 5.0.15:\n\n * Fixed typo in spacecmd help ca-cert flag (bsc#1253174)\n * Convert cached IDs to integer values (bsc#1251995)\n * Fixed spacecmd binary file upload (bsc#1253659)\n\nuyuni-tools:\n\n- Version update to 0.1.38:\n\n * Fixed cobbler configuration when migrating to standalone files (bsc#1256803)\n * Detect custom apache and squid config in the /etc/uyuni/proxy folder\n * Add ssh tuning to configure sshd (bsc#1253738)\n * Ignore supportconfig errors (bsc#1255781)\n * Bumped the default image tag to 5.0.7\n * Removed cgroup mount for podman containers (bsc#1253347)\n * Registry flag can be a string (bsc#1254589)\n * Use static supportconfig name to avoid dynamic search (bsc#1257941)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1013,SUSE-SLE-Manager-Tools-15-2026-1013,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1013,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1013,openSUSE-SLE-15.6-2026-1013",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1013-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1013-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261013-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1013-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024917.html"
},
{
"category": "self",
"summary": "SUSE Bug 1245302",
"url": "https://bugzilla.suse.com/1245302"
},
{
"category": "self",
"summary": "SUSE Bug 1251995",
"url": "https://bugzilla.suse.com/1251995"
},
{
"category": "self",
"summary": "SUSE Bug 1253004",
"url": "https://bugzilla.suse.com/1253004"
},
{
"category": "self",
"summary": "SUSE Bug 1253174",
"url": "https://bugzilla.suse.com/1253174"
},
{
"category": "self",
"summary": "SUSE Bug 1253347",
"url": "https://bugzilla.suse.com/1253347"
},
{
"category": "self",
"summary": "SUSE Bug 1253659",
"url": "https://bugzilla.suse.com/1253659"
},
{
"category": "self",
"summary": "SUSE Bug 1253738",
"url": "https://bugzilla.suse.com/1253738"
},
{
"category": "self",
"summary": "SUSE Bug 1254589",
"url": "https://bugzilla.suse.com/1254589"
},
{
"category": "self",
"summary": "SUSE Bug 1255340",
"url": "https://bugzilla.suse.com/1255340"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1255781",
"url": "https://bugzilla.suse.com/1255781"
},
{
"category": "self",
"summary": "SUSE Bug 1256803",
"url": "https://bugzilla.suse.com/1256803"
},
{
"category": "self",
"summary": "SUSE Bug 1257329",
"url": "https://bugzilla.suse.com/1257329"
},
{
"category": "self",
"summary": "SUSE Bug 1257337",
"url": "https://bugzilla.suse.com/1257337"
},
{
"category": "self",
"summary": "SUSE Bug 1257349",
"url": "https://bugzilla.suse.com/1257349"
},
{
"category": "self",
"summary": "SUSE Bug 1257442",
"url": "https://bugzilla.suse.com/1257442"
},
{
"category": "self",
"summary": "SUSE Bug 1257841",
"url": "https://bugzilla.suse.com/1257841"
},
{
"category": "self",
"summary": "SUSE Bug 1257897",
"url": "https://bugzilla.suse.com/1257897"
},
{
"category": "self",
"summary": "SUSE Bug 1257941",
"url": "https://bugzilla.suse.com/1257941"
},
{
"category": "self",
"summary": "SUSE Bug 1258136",
"url": "https://bugzilla.suse.com/1258136"
},
{
"category": "self",
"summary": "SUSE Bug 1258893",
"url": "https://bugzilla.suse.com/1258893"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-3415 page",
"url": "https://www.suse.com/security/cve/CVE-2025-3415/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68156 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1615 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21720 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21720/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21721 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-21722 page",
"url": "https://www.suse.com/security/cve/CVE-2026-21722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25547 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27606 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27606/"
}
],
"title": "Security update 5.0.7 for Multi-Linux Manager Client Tools",
"tracking": {
"current_release_date": "2026-03-25T10:11:52Z",
"generator": {
"date": "2026-03-25T10:11:52Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1013-1",
"initial_release_date": "2026-03-25T10:11:52Z",
"revision_history": [
{
"date": "2026-03-25T10:11:52Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.aarch64",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.aarch64",
"product_id": "grafana-11.6.11-150000.1.90.1.aarch64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"product_id": "mgrctl-0.1.38-150000.1.30.1.aarch64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.i586",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.i586",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.i586",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.i586",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.i586",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.i586",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.i586",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.i586",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.i586",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.i586",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.i586",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.i586",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.i586",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.i586",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.i586"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.i586",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.i586",
"product_id": "mgrctl-0.1.38-150000.1.30.1.i586"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.i586",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.i586",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"product": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"product_id": "dracut-saltboot-1.1.0-150000.1.65.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"product": {
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"product_id": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"product": {
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"product_id": "mgrctl-lang-0.1.38-150000.1.30.1.noarch"
}
},
{
"category": "product_version",
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"product": {
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"product_id": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch"
}
},
{
"category": "product_version",
"name": "spacecmd-5.0.15-150000.3.142.1.noarch",
"product": {
"name": "spacecmd-5.0.15-150000.3.142.1.noarch",
"product_id": "spacecmd-5.0.15-150000.3.142.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.ppc64le",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.ppc64le",
"product_id": "grafana-11.6.11-150000.1.90.1.ppc64le"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.ppc64le",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.ppc64le",
"product_id": "mgrctl-0.1.38-150000.1.30.1.ppc64le"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.s390x",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.s390x",
"product_id": "grafana-11.6.11-150000.1.90.1.s390x"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.s390x",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.s390x",
"product_id": "mgrctl-0.1.38-150000.1.30.1.s390x"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"product": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"product_id": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"product": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"product_id": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"product": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"product_id": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"product": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"product_id": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "grafana-11.6.11-150000.1.90.1.x86_64",
"product": {
"name": "grafana-11.6.11-150000.1.90.1.x86_64",
"product_id": "grafana-11.6.11-150000.1.90.1.x86_64"
}
},
{
"category": "product_version",
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"product": {
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"product_id": "mgrctl-0.1.38-150000.1.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"product": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"product_id": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-11.6.11-150000.1.90.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64"
},
"product_reference": "grafana-11.6.11-150000.1.90.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.15-150000.3.142.1.noarch as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch"
},
"product_reference": "spacecmd-5.0.15-150000.3.142.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-0.1.38-150000.1.30.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64"
},
"product_reference": "mgrctl-0.1.38-150000.1.30.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-lang-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch"
},
"product_reference": "mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dracut-saltboot-1.1.0-150000.1.65.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch"
},
"product_reference": "dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64"
},
"product_reference": "golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64"
},
"product_reference": "golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64"
},
"product_reference": "golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64"
},
"product_reference": "golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64"
},
"product_reference": "prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "spacecmd-5.0.15-150000.3.142.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
},
"product_reference": "spacecmd-5.0.15-150000.3.142.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-13465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13465"
}
],
"notes": [
{
"category": "general",
"text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13465",
"url": "https://www.suse.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "SUSE Bug 1257321 for CVE-2025-13465",
"url": "https://bugzilla.suse.com/1257321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-13465"
},
{
"cve": "CVE-2025-3415",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-3415"
}
],
"notes": [
{
"category": "general",
"text": "Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. \nFixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-3415",
"url": "https://www.suse.com/security/cve/CVE-2025-3415"
},
{
"category": "external",
"summary": "SUSE Bug 1245302 for CVE-2025-3415",
"url": "https://bugzilla.suse.com/1245302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "moderate"
}
],
"title": "CVE-2025-3415"
},
{
"cve": "CVE-2025-61140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61140"
}
],
"notes": [
{
"category": "general",
"text": "The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61140",
"url": "https://www.suse.com/security/cve/CVE-2025-61140"
},
{
"category": "external",
"summary": "SUSE Bug 1257442 for CVE-2025-61140",
"url": "https://bugzilla.suse.com/1257442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-61140"
},
{
"cve": "CVE-2025-68156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68156"
}
],
"notes": [
{
"category": "general",
"text": "Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and `median`, perform recursive traversal over user-provided data structures without enforcing a maximum recursion depth. If the evaluation environment contains deeply nested or cyclic data structures, these functions may recurse indefinitely until exceed the Go runtime stack limit. This results in a stack overflow panic, causing the host application to crash. While exploitability depends on whether an attacker can influence or inject cyclic or pathologically deep data into the\nevaluation environment, this behavior represents a denial-of-service (DoS) risk and affects overall library robustness. Instead of returning a recoverable evaluation error, the process may terminate unexpectedly. In affected versions, evaluation of expressions that invoke certain builtin functions on untrusted or insufficiently validated data structures can lead to a process-level crash due to stack exhaustion. This issue is most relevant in scenarios where Expr is used to evaluate expressions against externally supplied or dynamically constructed environments; cyclic references (directly or indirectly) can be introduced into arrays, maps, or structs; and there are no application-level safeguards preventing deeply nested input data. In typical use cases with controlled, acyclic data, the issue may not manifest. However, when present, the resulting panic can be used to reliably crash the application, constituting a denial of service. The issue has been fixed in the v1.17.7 versions of Expr. The patch introduces a maximum recursion depth limit for affected builtin functions. When this limit is exceeded, evaluation aborts gracefully and returns a descriptive error instead of panicking. Additionally, the maximum depth can be customized by users via `builtin.MaxDepth`, allowing applications with legitimate deep structures to raise the limit in a controlled manner. Users are strongly encouraged to upgrade to the patched release, which includes both the recursion guard and comprehensive test coverage to prevent regressions. For users who cannot immediately upgrade, some mitigations are recommended. Ensure that evaluation environments cannot contain cyclic references, validate or sanitize externally supplied data structures before passing them to Expr, and/or wrap expression evaluation with panic recovery to prevent a full process crash (as a last-resort defensive measure). These workarounds reduce risk but do not fully eliminate the issue without the patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68156",
"url": "https://www.suse.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "SUSE Bug 1255330 for CVE-2025-68156",
"url": "https://bugzilla.suse.com/1255330"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2025-68156"
},
{
"cve": "CVE-2026-1615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1615"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package jsonpath before 1.2.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can exploit this vulnerability by supplying a malicious JSON Path expression that, when evaluated, executes arbitrary JavaScript code, leading to Remote Code Execution in Node.js environments or Cross-site Scripting (XSS) in browser contexts. This affects all methods that evaluate JSON Paths against objects, including .query, .nodes, .paths, .value, .parent, and .apply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1615",
"url": "https://www.suse.com/security/cve/CVE-2026-1615"
},
{
"category": "external",
"summary": "SUSE Bug 1257897 for CVE-2026-1615",
"url": "https://bugzilla.suse.com/1257897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "critical"
}
],
"title": "CVE-2026-1615"
},
{
"cve": "CVE-2026-21720",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21720"
}
],
"notes": [
{
"category": "general",
"text": "Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel. Sustained traffic with random hashes keeps tripping this timeout, so goroutine count grows linearly, eventually exhausting memory and causing Grafana to crash on some systems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21720",
"url": "https://www.suse.com/security/cve/CVE-2026-21720"
},
{
"category": "external",
"summary": "SUSE Bug 1257349 for CVE-2026-21720",
"url": "https://bugzilla.suse.com/1257349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-21720"
},
{
"cve": "CVE-2026-21721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21721"
}
],
"notes": [
{
"category": "general",
"text": "The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization-internal privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21721",
"url": "https://www.suse.com/security/cve/CVE-2026-21721"
},
{
"category": "external",
"summary": "SUSE Bug 1257337 for CVE-2026-21721",
"url": "https://bugzilla.suse.com/1257337"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-21721"
},
{
"cve": "CVE-2026-21722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-21722"
}
],
"notes": [
{
"category": "general",
"text": "Public dashboards with annotations enabled did not limit their annotation timerange to the locked timerange of the public dashboard. This means one could read the entire history of annotations visible on the specific dashboard, even those outside the locked timerange.\n\nThis did not leak any annotations that would not otherwise be visible on the public dashboard.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-21722",
"url": "https://www.suse.com/security/cve/CVE-2026-21722"
},
{
"category": "external",
"summary": "SUSE Bug 1258136 for CVE-2026-21722",
"url": "https://bugzilla.suse.com/1258136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "moderate"
}
],
"title": "CVE-2026-21722"
},
{
"cve": "CVE-2026-25547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25547"
}
],
"notes": [
{
"category": "general",
"text": "@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process. This issue has been patched in version 5.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25547",
"url": "https://www.suse.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "SUSE Bug 1257834 for CVE-2026-25547",
"url": "https://bugzilla.suse.com/1257834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-25547"
},
{
"cve": "CVE-2026-27606",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27606"
}
],
"notes": [
{
"category": "general",
"text": "Rollup is a module bundler for JavaScript. Versions prior to 2.80.0, 3.30.0, and 4.59.0 of the Rollup module bundler (specifically v4.x and present in current source) is vulnerable to an Arbitrary File Write via Path Traversal. Insecure file name sanitization in the core engine allows an attacker to control output filenames (e.g., via CLI named inputs, manual chunk aliases, or malicious plugins) and use traversal sequences (`../`) to overwrite files anywhere on the host filesystem that the build process has permissions for. This can lead to persistent Remote Code Execution (RCE) by overwriting critical system or user configuration files. Versions 2.80.0, 3.30.0, and 4.59.0 contain a patch for the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27606",
"url": "https://www.suse.com/security/cve/CVE-2026-27606"
},
{
"category": "external",
"summary": "SUSE Bug 1258846 for CVE-2026-27606",
"url": "https://bugzilla.suse.com/1258846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"SUSE Manager Client Tools 15:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:firewalld-prometheus-config-0.1-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools 15:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"SUSE Manager Client Tools 15:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"SUSE Manager Client Tools 15:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-prometheus-3.5.0-150000.3.67.1.x86_64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.aarch64",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.ppc64le",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.s390x",
"SUSE Manager Client Tools 15:grafana-11.6.11-150000.1.90.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.ppc64le",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools 15:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools 15:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools 15:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"SUSE Manager Client Tools 15:spacecmd-5.0.15-150000.3.142.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-0.1.38-150000.1.30.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-bash-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-lang-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:mgrctl-zsh-completion-0.1.38-150000.1.30.1.noarch",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"SUSE Manager Client Tools for SLE Micro 5:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:dracut-saltboot-1.1.0-150000.1.65.1.noarch",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.aarch64",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.ppc64le",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.s390x",
"openSUSE Leap 15.6:golang-github-QubitProducts-exporter_exporter-0.4.0-150000.1.21.1.x86_64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.aarch64",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.ppc64le",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.s390x",
"openSUSE Leap 15.6:golang-github-boynux-squid_exporter-1.13.0-150000.1.12.1.x86_64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.aarch64",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.ppc64le",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.s390x",
"openSUSE Leap 15.6:golang-github-lusitaniae-apache_exporter-1.0.10-150000.1.26.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-promu-0.17.0-150000.3.30.1.x86_64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.aarch64",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.ppc64le",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.s390x",
"openSUSE Leap 15.6:prometheus-blackbox_exporter-0.26.0-150000.1.30.2.x86_64",
"openSUSE Leap 15.6:spacecmd-5.0.15-150000.3.142.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:11:52Z",
"details": "important"
}
],
"title": "CVE-2026-27606"
}
]
}
SUSE-SU-2026:20232-1
Vulnerability from csaf_suse - Published: 2026-02-05 10:43 - Updated: 2026-02-05 10:43Summary
Security update for golang-github-prometheus-prometheus
Severity
Important
Notes
Title of the patch: Security update for golang-github-prometheus-prometheus
Description of the patch: This update for golang-github-prometheus-prometheus fixes the following issues:
Update to version 3.5.0:
Security issues fixed:
- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global (bsc#1257329).
- CVE-2025-12816: interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588).
Other updates and bugfixes:
- Update to 3.5.0 (jsc#PED-13824):
* [FEATURE] Remote-write: Add support for Azure Workload Identity
as an authentication method for the receiver.
* [FEATURE] PromQL: Add first_over_time(...) and
ts_of_first_over_time(...) behind feature flag.
* [FEATURE] Federation: Add support for native histograms with
custom buckets (NHCB).
* [ENHANCEMENT] PromQL: Add warn-level annotations for counter
reset conflicts in certain histogram operations.
* [ENHANCEMENT] UI: Add scrape interval and scrape timeout to
targets page.
- Update to 3.4.0:
* Add unified AWS service discovery for ec2, lightsail and ecs services.
* [FEATURE] Native histograms are now a stable, but optional
feature.
* [FEATURE] UI: Show detailed relabeling steps for each
discovered target.
* [ENHANCEMENT] Alerting: Add "unknown" state for alerting rules
that haven't been evaluated yet.
* [BUGFIX] Scrape: Fix a bug where scrape cache would not be
cleared on startup.
- Update to 3.3.0:
* [FEATURE] Spring Boot 3.3 includes support for the Prometheus
Client 1.x.
* [ENHANCEMENT] Dependency management for Dropwizard Metrics has
been removed.
- Update to 3.2.0:
* [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).
* [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add
and Sub.
* [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN
threshold are now rejected.
- Update to 3.1.0:
* [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.
"created timestamp" (CT) is now called "start timestamp" (ST).
* [BUGFIX] Mixin: Add static UID to the remote-write dashboard.
- Update to 3.0.1:
* [BUGFIX] Promql: Make subqueries left open.
* [BUGFIX] Fix memory leak when query log is enabled.
* [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.
- Update to 3.0.0:
* [CHANGE] Deprecated feature flags removed.
* [FEATURE] New UI.
* [FEATURE] Remote Write 2.0.
* [FEATURE] OpenTelemetry Support.
* [FEATURE] UTF-8 support is now stable and enabled by default.
* [FEATURE] OTLP Ingestion.
* [FEATURE] Native Histograms.
* [BUGFIX] PromQL: Fix count_values for histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] UI: Fix selector / series formatting for empty metric
names.
- Update to 2.55.0:
* [FEATURE] PromQL: Add `last_over_time` function.
* [FEATURE] Agent: Add `prometheus_agent_build_info` metric.
* [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.
* [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.
* [BUGFIX] Scrape: Fix a bug where a target could be scraped
multiple times.
- Update to 2.54.0:
* [CHANGE] Remote-Write: highest_timestamp_in_seconds and
queue_highest_sent_timestamp_seconds metrics now initialized to
0.
* [CHANGE] API: Split warnings from info annotations in API
response.
* [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata
in WAL via feature flag.
* [FEATURE] PromQL: add limitk() and limit_ratio() aggregation
operators.
* [ENHANCEMENT] PromQL: Accept underscores in literal numbers.
* [ENHANCEMENT] PromQL: float literal numbers and durations are
now interchangeable (experimental).
* [ENHANCEMENT] PromQL (experimental native histograms): Optimize
histogram_count and histogram_sum functions.
* [BUGFIX] PromQL: Fix various issues with native histograms.
* [BUGFIX] TSDB: Fix race on stale values in headAppender.
* [BUGFIX] OTLP receiver: Allow colons in non-standard units.
Patchnames: SUSE-SLES-16.0-243
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for golang-github-prometheus-prometheus",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for golang-github-prometheus-prometheus fixes the following issues:\n\nUpdate to version 3.5.0:\n\nSecurity issues fixed:\n\n- CVE-2025-13465: prototype pollution in the _.unset and _.omit functions can lead to deletion of methods from global (bsc#1257329).\n- CVE-2025-12816: interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588).\n\nOther updates and bugfixes:\n\n- Update to 3.5.0 (jsc#PED-13824):\n\n * [FEATURE] Remote-write: Add support for Azure Workload Identity\n as an authentication method for the receiver.\n * [FEATURE] PromQL: Add first_over_time(...) and\n ts_of_first_over_time(...) behind feature flag.\n * [FEATURE] Federation: Add support for native histograms with\n custom buckets (NHCB).\n * [ENHANCEMENT] PromQL: Add warn-level annotations for counter\n reset conflicts in certain histogram operations.\n * [ENHANCEMENT] UI: Add scrape interval and scrape timeout to\n targets page.\n\n- Update to 3.4.0:\n\n * Add unified AWS service discovery for ec2, lightsail and ecs services.\n * [FEATURE] Native histograms are now a stable, but optional\n feature.\n * [FEATURE] UI: Show detailed relabeling steps for each\n discovered target.\n * [ENHANCEMENT] Alerting: Add \"unknown\" state for alerting rules\n that haven\u0027t been evaluated yet.\n * [BUGFIX] Scrape: Fix a bug where scrape cache would not be\n cleared on startup.\n\n- Update to 3.3.0:\n\n * [FEATURE] Spring Boot 3.3 includes support for the Prometheus\n Client 1.x.\n * [ENHANCEMENT] Dependency management for Dropwizard Metrics has\n been removed.\n\n- Update to 3.2.0:\n\n * [FEATURE] OAuth2: support jwt-bearer grant-type (RFC7523 3.1).\n * [ENHANCEMENT] PromQL: Reconcile mismatched NHCB bounds in Add\n and Sub.\n * [BUGFIX] TSDB: Native Histogram Custom Bounds with a NaN\n threshold are now rejected.\n\n- Update to 3.1.0:\n\n * [FEATURE] Remote-write 2 (receiving): Update to 2.0-rc.4 spec.\n \"created timestamp\" (CT) is now called \"start timestamp\" (ST).\n * [BUGFIX] Mixin: Add static UID to the remote-write dashboard.\n\n- Update to 3.0.1:\n\n * [BUGFIX] Promql: Make subqueries left open.\n * [BUGFIX] Fix memory leak when query log is enabled.\n * [BUGFIX] Support utf8 names on /v1/label/:name/values endpoint.\n\n- Update to 3.0.0:\n\n * [CHANGE] Deprecated feature flags removed.\n * [FEATURE] New UI.\n * [FEATURE] Remote Write 2.0.\n * [FEATURE] OpenTelemetry Support.\n * [FEATURE] UTF-8 support is now stable and enabled by default.\n * [FEATURE] OTLP Ingestion.\n * [FEATURE] Native Histograms.\n * [BUGFIX] PromQL: Fix count_values for histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] UI: Fix selector / series formatting for empty metric\n names.\n\n- Update to 2.55.0:\n\n * [FEATURE] PromQL: Add `last_over_time` function.\n * [FEATURE] Agent: Add `prometheus_agent_build_info` metric.\n * [ENHANCEMENT] PromQL: Optimise `group()` and `group by()`.\n * [ENHANCEMENT] TSDB: Reduce memory usage when loading blocks.\n * [BUGFIX] Scrape: Fix a bug where a target could be scraped\n multiple times.\n\n- Update to 2.54.0:\n\n * [CHANGE] Remote-Write: highest_timestamp_in_seconds and\n queue_highest_sent_timestamp_seconds metrics now initialized to\n 0.\n * [CHANGE] API: Split warnings from info annotations in API\n response.\n * [FEATURE] Remote-Write: Version 2.0 experimental, plus metadata\n in WAL via feature flag.\n * [FEATURE] PromQL: add limitk() and limit_ratio() aggregation\n operators.\n * [ENHANCEMENT] PromQL: Accept underscores in literal numbers.\n * [ENHANCEMENT] PromQL: float literal numbers and durations are\n now interchangeable (experimental).\n * [ENHANCEMENT] PromQL (experimental native histograms): Optimize\n histogram_count and histogram_sum functions.\n * [BUGFIX] PromQL: Fix various issues with native histograms.\n * [BUGFIX] TSDB: Fix race on stale values in headAppender.\n * [BUGFIX] OTLP receiver: Allow colons in non-standard units.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-243",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20232-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20232-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620232-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20232-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024095.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1257329",
"url": "https://bugzilla.suse.com/1257329"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13465/"
}
],
"title": "Security update for golang-github-prometheus-prometheus",
"tracking": {
"current_release_date": "2026-02-05T10:43:17Z",
"generator": {
"date": "2026-02-05T10:43:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20232-1",
"initial_release_date": "2026-02-05T10:43:17Z",
"revision_history": [
{
"date": "2026-02-05T10:43:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T10:43:17Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-13465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13465"
}
],
"notes": [
{
"category": "general",
"text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13465",
"url": "https://www.suse.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "SUSE Bug 1257321 for CVE-2025-13465",
"url": "https://bugzilla.suse.com/1257321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:golang-github-prometheus-prometheus-3.5.0-160000.1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-02-05T10:43:17Z",
"details": "important"
}
],
"title": "CVE-2025-13465"
}
]
}
SUSE-SU-2026:1008-1
Vulnerability from csaf_suse - Published: 2026-03-25 10:07 - Updated: 2026-03-25 10:07Summary
Security update for Prometheus
Severity
Important
Notes
Title of the patch: Security update for Prometheus
Description of the patch: This update for Prometheus fixes the following issues:
golang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter:
- Internal changes to fix build issues with no impact for customers
golang-github-prometheus-prometheus:
- Security issues fixed:
* CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)
* CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)
* CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)
* CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)
* CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)
- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):
* Modernized Interface: Introduced a brand-new UI
* Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support
for more secure, native cloudauthentication.
* Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental
to a stable feature.
* Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending
data to external systems.
* Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping
operations.
* Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier
to troubleshoot why targets aren't reporting correctly.
* Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were
accidentally being scraped multiple times.
Patchnames: SUSE-2026-1008,SUSE-SLE-Manager-Tools-15-2026-1008,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1008,SUSE-SLE-Module-Basesystem-15-SP7-2026-1008,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1008,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1008,openSUSE-SLE-15.6-2026-1008
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.6 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.2 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Prometheus ",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for Prometheus fixes the following issues:\n\ngolang-github-prometheus-alertmanager, golang-github-prometheus-node_exporter: \n\n- Internal changes to fix build issues with no impact for customers \n\ngolang-github-prometheus-prometheus:\n\n- Security issues fixed:\n\n * CVE-2026-27606: Fixed arbitrary file write via path traversal in rollup (bsc#1258893)\n * CVE-2026-25547: Fixed unbounded brace range expansion leading to excessive CPU and memory consumption (bsc#1257841)\n * CVE-2026-1615, CVE-2025-61140 The old web UI is no longer built due to security issues (bsc#1257897, bsc#1257442)\n * CVE-2025-13465: Bump lodash package to version 4.17.23 to fix prototype pollution vulnerability (bsc#1257329)\n * CVE-2025-12816: Interpretation conflict vulnerability allowing bypassing cryptographic verifications (bsc#1255588)\n\n- Version update from 2.53.4 to 3.5.0 with the following highlighted changes (jsc#PED-13824):\n\n * Modernized Interface: Introduced a brand-new UI\n * Enhanced Cloud and Auth: Added unified AWS service discovery (EC2, ECS, Lightsail) and Azure Workload Identity support\n for more secure, native cloudauthentication.\n * Performance Standards: Fully integrated OpenTelemetry (OTLP) ingestion and moved Native Histograms from experimental\n to a stable feature.\n * Advanced Data Export: Rolled out Remote Write 2.0, offering better performance and metadata handling when sending\n data to external systems.\n * Query Power: Added new PromQL functions (like first_over_time and last_over_time) and optimization for grouping\n operations.\n * Better Visibility: The UI now displays detailed relabeling steps, scrape intervals, and timeouts, making it easier\n to troubleshoot why targets aren\u0027t reporting correctly.\n * Critical Fixes: Resolved significant memory leaks related to query logging and fixed bugs where targets were\n accidentally being scraped multiple times.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-1008,SUSE-SLE-Manager-Tools-15-2026-1008,SUSE-SLE-Manager-Tools-For-Micro-5-2026-1008,SUSE-SLE-Module-Basesystem-15-SP7-2026-1008,SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1008,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-1008,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-1008,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-1008,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1008,openSUSE-SLE-15.6-2026-1008",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_1008-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:1008-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20261008-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:1008-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024921.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255588",
"url": "https://bugzilla.suse.com/1255588"
},
{
"category": "self",
"summary": "SUSE Bug 1257329",
"url": "https://bugzilla.suse.com/1257329"
},
{
"category": "self",
"summary": "SUSE Bug 1257442",
"url": "https://bugzilla.suse.com/1257442"
},
{
"category": "self",
"summary": "SUSE Bug 1257841",
"url": "https://bugzilla.suse.com/1257841"
},
{
"category": "self",
"summary": "SUSE Bug 1257897",
"url": "https://bugzilla.suse.com/1257897"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-12816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-12816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-13465 page",
"url": "https://www.suse.com/security/cve/CVE-2025-13465/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-61140 page",
"url": "https://www.suse.com/security/cve/CVE-2025-61140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-1615 page",
"url": "https://www.suse.com/security/cve/CVE-2026-1615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25547 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25547/"
}
],
"title": "Security update for Prometheus ",
"tracking": {
"current_release_date": "2026-03-25T10:07:27Z",
"generator": {
"date": "2026-03-25T10:07:27Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:1008-1",
"initial_release_date": "2026-03-25T10:07:27Z",
"revision_history": [
{
"date": "2026-03-25T10:07:27Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.i586",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.i586",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.i586",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.i586",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.i586",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.i586",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.i586"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.i586",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.i586",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"product": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"product_id": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"product": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"product_id": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"product": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"product_id": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
}
},
{
"category": "product_version",
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"product": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"product_id": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Manager Client Tools 15",
"product": {
"name": "SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15"
}
},
{
"category": "product_name",
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product": {
"name": "SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-manager-tools-micro:5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64 as component of SUSE Manager Client Tools 15",
"product_id": "SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools 15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Manager Client Tools for SLE Micro 5",
"product_id": "SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Manager Client Tools for SLE Micro 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64"
},
"product_reference": "firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64"
},
"product_reference": "golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64"
},
"product_reference": "golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
},
"product_reference": "golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-12816"
}
],
"notes": [
{
"category": "general",
"text": "An interpretation-conflict (CWE-436) vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-12816",
"url": "https://www.suse.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "SUSE Bug 1255584 for CVE-2025-12816",
"url": "https://bugzilla.suse.com/1255584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2025-12816"
},
{
"cve": "CVE-2025-13465",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-13465"
}
],
"notes": [
{
"category": "general",
"text": "Lodash versions 4.0.0 through 4.17.22 are vulnerable to prototype pollution in the _.unset and _.omit functions. An attacker can pass crafted paths which cause Lodash to delete methods from global prototypes.\n\nThe issue permits deletion of properties but does not allow overwriting their original behavior.\n\nThis issue is patched on 4.17.23",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-13465",
"url": "https://www.suse.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "SUSE Bug 1257321 for CVE-2025-13465",
"url": "https://bugzilla.suse.com/1257321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2025-13465"
},
{
"cve": "CVE-2025-61140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-61140"
}
],
"notes": [
{
"category": "general",
"text": "The value function in jsonpath 1.1.1 lib/index.js is vulnerable to Prototype Pollution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-61140",
"url": "https://www.suse.com/security/cve/CVE-2025-61140"
},
{
"category": "external",
"summary": "SUSE Bug 1257442 for CVE-2025-61140",
"url": "https://bugzilla.suse.com/1257442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2025-61140"
},
{
"cve": "CVE-2026-1615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-1615"
}
],
"notes": [
{
"category": "general",
"text": "Versions of the package jsonpath before 1.2.0 are vulnerable to Arbitrary Code Injection via unsafe evaluation of user-supplied JSON Path expressions. The library relies on the static-eval module to process JSON Path input, which is not designed to handle untrusted data safely. An attacker can exploit this vulnerability by supplying a malicious JSON Path expression that, when evaluated, executes arbitrary JavaScript code, leading to Remote Code Execution in Node.js environments or Cross-site Scripting (XSS) in browser contexts. This affects all methods that evaluate JSON Paths against objects, including .query, .nodes, .paths, .value, .parent, and .apply.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-1615",
"url": "https://www.suse.com/security/cve/CVE-2026-1615"
},
{
"category": "external",
"summary": "SUSE Bug 1257897 for CVE-2026-1615",
"url": "https://bugzilla.suse.com/1257897"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "critical"
}
],
"title": "CVE-2026-1615"
},
{
"cve": "CVE-2026-25547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25547"
}
],
"notes": [
{
"category": "general",
"text": "@isaacs/brace-expansion is a hybrid CJS/ESM TypeScript fork of brace-expansion. Prior to version 5.0.1, @isaacs/brace-expansion is vulnerable to a denial of service (DoS) issue caused by unbounded brace range expansion. When an attacker provides a pattern containing repeated numeric brace ranges, the library attempts to eagerly generate every possible combination synchronously. Because the expansion grows exponentially, even a small input can consume excessive CPU and memory and may crash the Node.js process. This issue has been patched in version 5.0.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25547",
"url": "https://www.suse.com/security/cve/CVE-2026-25547"
},
{
"category": "external",
"summary": "SUSE Bug 1257834 for CVE-2026-25547",
"url": "https://bugzilla.suse.com/1257834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP7:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"SUSE Manager Client Tools 15:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"SUSE Manager Client Tools for SLE Micro 5:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.s390x",
"openSUSE Leap 15.6:firewalld-prometheus-config-0.1-150100.4.29.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-alertmanager-0.28.1-150100.4.31.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-node_exporter-1.9.1-150100.3.38.1.x86_64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.aarch64",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.ppc64le",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.s390x",
"openSUSE Leap 15.6:golang-github-prometheus-prometheus-3.5.0-150100.4.29.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-25T10:07:27Z",
"details": "important"
}
],
"title": "CVE-2026-25547"
}
]
}
RHSA-2026:4185
Vulnerability from csaf_redhat - Published: 2026-03-10 13:57 - Updated: 2026-05-07 07:30Summary
Red Hat Security Advisory: Red Hat Quay 3.13.11
Severity
Important
Notes
Topic: Red Hat Quay 3.13.11 is now available with bug fixes.
Details: Quay 3.13.11
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11358
https://access.redhat.com/errata/RHSA-2026:4185
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.13.11 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.13.11",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:4185",
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_4185.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.13.11",
"tracking": {
"current_release_date": "2026-05-07T07:30:26+00:00",
"generator": {
"date": "2026-05-07T07:30:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:4185",
"initial_release_date": "2026-03-10T13:57:02+00:00",
"revision_history": [
{
"date": "2026-03-10T13:57:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-12T14:13:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:30:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.13",
"product": {
"name": "Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.13::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771540384"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Abfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771540464"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Abb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Aaa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773092950"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Af3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Afc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Aaf814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ad1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539915"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Afb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771539959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Af0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771860977"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771942423"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Aaddfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770071468"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Afe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1771947506"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1773088862"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64 as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"relates_to_product_reference": "Red Hat Quay 3.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le as a component of Red Hat Quay 3.13",
"product_id": "Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-10T13:57:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11358",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:4185"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:917812ed1960aa5718c3bab783adcb332afe375630cba7943ca22a715fedaffc_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:addfe949914aa4fb9403d1e8c4664bee3f97d1c9cc99de4c9d4a0e77e5d2f399_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:bb98c2611c6cf222bddd75faf18660d645a2136303cf0daf31cc7b5e0bb7182b_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/clair-rhel8@sha256:f3dc9df30aa3d8112ab0c47900141aa4cdeb4c618f111f091b66d27be9202993_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:bfe38a61bcd4f9e1a74a9b2f681b8713ed4efa553eb40c615fb5ded0aacf24df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:21094dd4f8766f6fa5ace83e671f85652b72392b18aa21621aa4cd79600d404c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:25360dfbb6e69528b557f1fbe33a5bde6c37188fc9d1d0d575b2596a8269456f_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fb832f735a69250fa66d90956526222a7e2b64ca0a7f6d09acc582f6527a3ed1_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:fc369b45e2f0cfafc7da05282474ae813830b012f8032b91d6b8f7d75287d470_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c811368ef77d8b17e1e27fa273c87dcd4b572635872221a8cb9bdf39ae6fe06_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8eaf9253428eef927bfa7509f1fbbaf6998e5bd262f0aca2b980863e6f411618_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:af814ef84aa0e649a02ef2877c9ad963e30ee9a1416e30f128c4841d7e53f211_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:f0c44916f0e4a0b792e743a8157a014d569dc759fc64657bc3b911f2d1d22ecc_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:0993ee9ca326a40bdd35828b7f07f9d832d033b99b061ddd046e384285a408b6_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:2ede08e62b85bbbd62b45f892aa5532226b403fbb27ce5ec4ee0e79a65532551_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:5ee96859a8b4da0eaf09e7c14e032264ec29c7adc2c6826a7365f85313dff3c2_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-builder-rhel8@sha256:d711fca418151140d24632df9f461e6cf72d70cbcc225e42cb3a2d6c695848df_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:61cb5727b7d7ba543c4b6eade2c582960bdd432ff44e060892e7ecd20def4c88_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:740d25ad8aec0139151be72e70a1d12b5f78dc1ee813658bef52578306608d0c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7a19a5b8796e9c90a6c88859f02c366cc047901b9c0c62a99b2513fbb4d756e1_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:86bd2e921dc9a6ed1afb355a3c8aabd5a385ec91b1d2429a14516e7fde43aa17_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ca30d6af7d8923ac5b65fbb74cc06e943c67ea24f2cdaf2a27f9e9c9196728d5_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-bundle@sha256:aa20b724915b4302c8be86874d50df8c32e624a4dcef4f4b90d6e9394f5bb149_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:6ad9da9512951c26a98358939d06785387689089df874ebce49874466903afcc_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ba2dbd3198ff3b9089bb05fc78dfd2b20b31f1f89b274f99b4d5aec7004c20ea_ppc64le",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:fe1e31fc27a9cf50f168495f9ea08a561f5fb577195691fa4ac6a177d5d36d8c_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-operator-rhel8@sha256:ff7b37a2d32eda5c7f81111e0bced17cac64d5652e632e5207fb1794836d3a4c_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:1403699a49e9fa2e04fab27f28de244b6e3e631877eb6eddb55b676d3ec44587_arm64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:39cadc6e19d0ea7e86a6b11aa15093d4e7d24bc69be260abed90396f92b4126c_amd64",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:8b52456a5391e1e5179ccdc6ac3ec3737a9a33481128a86dd055813881ebc900_s390x",
"Red Hat Quay 3.13:registry.redhat.io/quay/quay-rhel8@sha256:d1fa7495f6dfad0e41f81ca8bf02689f6241973af27e2b98165878d3fc602d12_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:2762
Vulnerability from csaf_redhat - Published: 2026-02-16 17:44 - Updated: 2026-05-07 07:29Summary
Red Hat Security Advisory: Red Hat Quay 3.10.18
Severity
Important
Notes
Topic: Red Hat Quay 3.10.18 is now available with bug fixes.
Details: Quay 3.10.18
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:2762
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.10.18 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.10.18",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2762",
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2762.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.10.18",
"tracking": {
"current_release_date": "2026-05-07T07:29:48+00:00",
"generator": {
"date": "2026-05-07T07:29:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:2762",
"initial_release_date": "2026-02-16T17:44:31+00:00",
"revision_history": [
{
"date": "2026-02-16T17:44:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T17:44:35+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:29:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.1",
"product": {
"name": "Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Af006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249889"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249881"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Af7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133631"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ac5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991805"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991340"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133671"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770993022"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133646"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ab54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249183"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133631"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991340"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133671"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133646"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249183"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aaab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133631"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991340"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133671"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133646"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ab46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249183"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"relates_to_product_reference": "Red Hat Quay 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64 as a component of Red Hat Quay 3.1",
"product_id": "Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64",
"relates_to_product_reference": "Red Hat Quay 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T17:44:31+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:191ca7ff2973addc6e654d85d8c764128aa0f314f5733673f884726f65d39cef_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:1c8cdc119d2774968249e45f44d6c6b8db7be5d1722a10370d6a5d8a610bdad3_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/clair-rhel8@sha256:31d6f3852e464d9e691d671ca9e31c7ffb74eac660f2dc1d174eb9541f77025b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:27c6e90239456e04b5d4788207c4b93d2a501e054c531817a5d9dd1d3050e88b_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:085401485780294ee1030fcbcf9e5b27d424175539a3c6b58aa1510464506fac_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aab02c5996a8fc6b4a5ccc4c5fe8e104117ecdfb89053ad76c243f098636bf47_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f7db77081450f895a76d5f2bd14801cbfba5aeb8feabc6488686358312a006a9_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c5efa89a8889042a125561e20ce918feab88ed8bb2e82a6dbb8e63a48e188cee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ac2270f040425b228c5be29498fb3b7179cc1c2b89ffc498d0e533a1f215913_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:7fdd702d7a92b1ecad9e8aed2572c66144a8deb6b7796d422ae192442d35fecf_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-builder-rhel8@sha256:d8ed6625f531394ab4bad84d68e24226e887ecfbd09c57cc63e005879fb49525_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:f006b674a07b09680682842c3e0f6a543fb19865124bd0c23d3fe4faf75a86f8_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:0a1b0e6be074b935cc6dc0d4782cbcb0afa8e86e1fa1eda7a107994c933554ee_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:17cd981b26466b0ec48f051f9c9b9168af6780006031a128c7f7a03a5622b8ba_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:571a99e76806fd7d7fb805fac388fd450d9ef58a00a95f90c9dbdc32ed93c44c_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-bundle@sha256:363e7b4be994bc1aaae25be1b26e400631aad24e92a7a5ee7f9d2ca960cdb420_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:0d396616e44ed9de0e390c19cd893fb39681d32a99f30c0187dfa54f1089e980_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:7b6239fb3d5ff13816e8c348addba581070cf104a81bf9b2019841594f30980b_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-operator-rhel8@sha256:8d7b4ba73bc93b1bc69027d37a5bdcf43dbc31a06b5f592d36ac5b9d2641a839_amd64",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:5cf58b1f54219b67c725f4a5066d9e757e7b5ece39d5de1a474a8be6a3490401_ppc64le",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b46b24ca0902be8f03b1ffa1b593ef55a4d92a9660adb4b8b4d0f44692431b93_s390x",
"Red Hat Quay 3.1:registry.redhat.io/quay/quay-rhel8@sha256:b54b571ac2f245f1a2eb1c7cf0dff6bc24ca6b9706ab8ee2dca323d561238255_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:2737
Vulnerability from csaf_redhat - Published: 2026-02-16 12:56 - Updated: 2026-05-07 03:03Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Severity
Important
Notes
Topic: A new version of Red Hat build of Ceph Storage has been released
Details: The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.
This release updates to the latest version.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properties into user-input. If index is found in the query, taffyDB will ignore other query conditions and directly return the indexed data item. Moreover, the internal index is in an easily-guessable format (e.g., T000002R000001). As such, attackers can use this vulnerability to access any data items in the DB.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A flaw was found in nodejs-underscore. Arbitrary code execution via the template function is possible, particularly when a variable property is passed as an argument as it is not sanitized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7.2 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A regular expression denial of service (ReDoS) flaw was found in the asteris emphasis regular expression implementation in Mistune. By sending specially-crafted regex input, a remote attacker could invoke a catastrophic backtrack, resulting in a denial of service.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A flaw was found in Ceph. An attacker can allow Ceph to accept any certificate because no certificate context is passed via Pybind to the constructors imaplib.IMAP4_SSL or smtplib.SMTP_SSL. As a result, pybind pybind does not check the server's X.509 certificate, instead accepting any certificate. This enables an attacker to commit a Man In the Middle (MITM) attack, compromising mail server credentials or mail contents
6.5 (Medium)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the golang-jwt package. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they can miss the embedded `jwt.ErrTokenSignatureInvalid`, and thus, potentially accept invalid tokens.
CWE-755 - Improper Handling of Exceptional Conditions
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects: - In browser and non-secure, the code infinite loops on while (size--) - In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] & 63 -> undefined & 63 -> 0 - If the first call in node is a fractional argument, the initial buffer allocation fails with an error The highest impact of this issue system availability.
6.5 (Medium)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Scrapy are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A vulnerability related to predictable random number generation has been discovered in the form-data JavaScript library. The library utilizes Math.random() to determine boundary values for multipart form-encoded data. This presents a security risk if an attacker can observe other values generated by Math.random() within the target application and simultaneously control at least one field of a request made using form-data. Under these conditions, the attacker could potentially predict or determine the boundary values. This predictability could be leveraged to bypass security controls, manipulate form data, or potentially lead to data integrity issues or other forms of exploitation.
5.4 (Medium)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.
6.1 (Medium)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.
4.5 (Medium)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.
7.0 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Storybook, a tool for building user interface components. This vulnerability can lead to the unintended exposure of sensitive information. When Storybook is built in a directory containing a `.env` file and then published online, environment variables from that file may be included in the publicly accessible build artifacts. This allows anyone with access to the published Storybook to view these potentially confidential variables.
7.5 (High)
Vendor Fix
The container images provided by this update can be downloaded from the
Red Hat container registry at registry.redhat.io using the "podman pull" command.
https://access.redhat.com/errata/RHSA-2026:2737
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Acknowledgments
Martin Schobert
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 8.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2737",
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2019-10790",
"url": "https://access.redhat.com/security/cve/CVE-2019-10790"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2021-23358",
"url": "https://access.redhat.com/security/cve/CVE-2021-23358"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2022-34749",
"url": "https://access.redhat.com/security/cve/CVE-2022-34749"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-31884",
"url": "https://access.redhat.com/security/cve/CVE-2024-31884"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-51744",
"url": "https://access.redhat.com/security/cve/CVE-2024-51744"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-55565",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14104",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-26791",
"url": "https://access.redhat.com/security/cve/CVE-2025-26791"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6176",
"url": "https://access.redhat.com/security/cve/CVE-2025-6176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68429",
"url": "https://access.redhat.com/security/cve/CVE-2025-68429"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-7783",
"url": "https://access.redhat.com/security/cve/CVE-2025-7783"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2737.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-05-07T03:03:12+00:00",
"generator": {
"date": "2026-05-07T03:03:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:2737",
"initial_release_date": "2026-02-16T12:56:05+00:00",
"revision_history": [
{
"date": "2026-02-16T12:56:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T12:56:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T03:03:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 8",
"product": {
"name": "Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ab219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Af00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632172"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631941"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Abf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630907"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632233"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Ae856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632172"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Afe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631941"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3A2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630907"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Af31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632233"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3Aedb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632172"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631941"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Ac571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630907"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632233"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Aeca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630607"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631713"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632172"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ad287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770631941"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-8-rhel9@sha256%3Aecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770630907"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Ad19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1770632233"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64 as a component of Red Hat Ceph Storage 8",
"product_id": "Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-10790",
"discovery_date": "2025-08-20T22:37:38.151000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389970"
}
],
"notes": [
{
"category": "description",
"text": "taffydb npm module, vulnerable in all versions up to and including 2.7.3, allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properties into user-input. If index is found in the query, taffyDB will ignore other query conditions and directly return the indexed data item. Moreover, the internal index is in an easily-guessable format (e.g., T000002R000001). As such, attackers can use this vulnerability to access any data items in the DB.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "taffy: taffydb: Internal Property Tampering",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10790"
},
{
"category": "external",
"summary": "RHBZ#2389970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10790",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10790"
},
{
"category": "external",
"summary": "https://security.snyk.io/vuln/SNYK-JS-TAFFYDB-2992450",
"url": "https://security.snyk.io/vuln/SNYK-JS-TAFFYDB-2992450"
},
{
"category": "external",
"summary": "https://snyk.io/vuln/SNYK-JS-TAFFY-546521",
"url": "https://snyk.io/vuln/SNYK-JS-TAFFY-546521"
},
{
"category": "external",
"summary": "https://www.usenix.org/system/files/sec21-xiao.pdf",
"url": "https://www.usenix.org/system/files/sec21-xiao.pdf"
}
],
"release_date": "2020-02-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "taffy: taffydb: Internal Property Tampering"
},
{
"cve": "CVE-2021-23358",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2021-03-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1944286"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nodejs-underscore. Arbitrary code execution via the template function is possible, particularly when a variable property is passed as an argument as it is not sanitized. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-underscore: Arbitrary code execution via the template function",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst the OpenShift Container Platform (OCP) openshift4/ose-grafana and openshift3/grafana as well as console, grc-ui and search-ui containers for Red Hat Advanced Management for Kubernetes (RHACM) include the vulnerable underscore library, the access to it is protected by OpenShift OAuth. Additionally this library is used in openshift4/ose-grafana container only in Grafana End-to-End Test package. Therefore the impact by this flaw is reduced to Low and the affected OCP components are marked as \"will not fix\" at this time and to Moderate for the affected RHACM components. This might be fixed in a future release.\n\nRed Hat Enterprise Virtualization includes the vulnerable underscore library, however it is not parsing any untrusted data, therefore impact is reduced to Low.\n\nBelow Red Hat products include the underscore dependency, but it is not used by the product and hence this issue has been rated as having a security impact of Low.\n\n* Red Hat Quay\n* Red Hat Gluster Storage 3\n* Red Hat OpenShift Container Storage 4\n* Red Hat Ceph Storage 3 and 4",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-23358"
},
{
"category": "external",
"summary": "RHBZ#1944286",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1944286"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-23358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-23358",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-23358"
}
],
"release_date": "2021-03-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "nodejs-underscore: Arbitrary code execution via the template function"
},
{
"cve": "CVE-2022-34749",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2022-07-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2112230"
}
],
"notes": [
{
"category": "description",
"text": "A regular expression denial of service (ReDoS) flaw was found in the asteris emphasis regular expression implementation in Mistune. By sending specially-crafted regex input, a remote attacker could invoke a catastrophic backtrack, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mistune: catastrophic backtracking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2022-34749"
},
{
"category": "external",
"summary": "RHBZ#2112230",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2112230"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2022-34749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34749"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-34749",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-34749"
},
{
"category": "external",
"summary": "https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2",
"url": "https://github.com/lepture/mistune/commit/a6d43215132fe4f3d93f8d7e90ba83b16a0838b2"
}
],
"release_date": "2022-07-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "mistune: catastrophic backtracking"
},
{
"acknowledgments": [
{
"names": [
"Martin Schobert"
]
}
],
"cve": "CVE-2024-31884",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2025-08-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2389907"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Ceph. An attacker can allow Ceph to accept any certificate because no certificate context is passed via Pybind to the constructors imaplib.IMAP4_SSL or smtplib.SMTP_SSL. As a result, pybind pybind does not check the server\u0027s X.509\n\ncertificate, instead accepting any certificate. This enables an attacker to commit a Man In the Middle (MITM) attack, compromising mail server credentials or mail contents",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pybind: Improper use of Pybind",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-31884"
},
{
"category": "external",
"summary": "RHBZ#2389907",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389907"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-31884",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-31884"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-31884",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31884"
}
],
"release_date": "2026-01-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "pybind: Improper use of Pybind"
},
{
"cve": "CVE-2024-51744",
"cwe": {
"id": "CWE-755",
"name": "Improper Handling of Exceptional Conditions"
},
"discovery_date": "2024-11-04T22:01:08.655905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2323735"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang-jwt package. Unclear documentation of the error behavior in `ParseWithClaims` can lead to situation where users are not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by `ParseWithClaims` return both error codes. If users only check for the `jwt.ErrTokenExpired ` using `error.Is`, they can miss the embedded `jwt.ErrTokenSignatureInvalid`, and thus, potentially accept invalid tokens.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-51744"
},
{
"category": "external",
"summary": "RHBZ#2323735",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2323735"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-51744",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-51744"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-51744",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51744"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c",
"url": "https://github.com/golang-jwt/jwt/commit/7b1c1c00a171c6c79bbdb40e4ce7d197060c1c2c"
},
{
"category": "external",
"summary": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r",
"url": "https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r"
}
],
"release_date": "2024-11-04T21:47:12.170000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang-jwt: Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations in golang-jwt"
},
{
"cve": "CVE-2024-55565",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-12-09T02:00:45.255738+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331063"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in nanoid. Affected versions of nanoid mishandles non-integer values. When nanoid is called with a fractional value, there were a number of undesirable effects:\n\n- In browser and non-secure, the code infinite loops on while (size--)\n- In node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled: when i is initialized to poolOffset, pool[i] \u0026 63 -\u003e undefined \u0026 63 -\u003e 0\n- If the first call in node is a fractional argument, the initial buffer allocation fails with an error\n\nThe highest impact of this issue system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nanoid: nanoid mishandles non-integer values",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-55565"
},
{
"category": "external",
"summary": "RHBZ#2331063",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331063"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-55565"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8",
"url": "https://github.com/ai/nanoid/compare/3.3.7...3.3.8"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/pull/510",
"url": "https://github.com/ai/nanoid/pull/510"
},
{
"category": "external",
"summary": "https://github.com/ai/nanoid/releases/tag/5.0.9",
"url": "https://github.com/ai/nanoid/releases/tag/5.0.9"
}
],
"release_date": "2024-12-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "nanoid: nanoid mishandles non-integer values"
},
{
"cve": "CVE-2025-6176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-31T01:00:56.408048+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408762"
}
],
"notes": [
{
"category": "description",
"text": "Scrapy are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in Scrapy\u0027s brotli decompression implementation allows remote attackers to trigger a denial of service by sending specially crafted brotli-compressed data. This can lead to excessive memory consumption and system instability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6176"
},
{
"category": "external",
"summary": "RHBZ#2408762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6176"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0",
"url": "https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0"
}
],
"release_date": "2025-10-31T00:00:21.219000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS"
},
{
"cve": "CVE-2025-7783",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2025-07-18T17:00:43.396637+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2381959"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability related to predictable random number generation has been discovered in the form-data JavaScript library. The library utilizes Math.random() to determine boundary values for multipart form-encoded data.\n\nThis presents a security risk if an attacker can observe other values generated by Math.random() within the target application and simultaneously control at least one field of a request made using form-data. Under these conditions, the attacker could potentially predict or determine the boundary values. This predictability could be leveraged to bypass security controls, manipulate form data, or potentially lead to data integrity issues or other forms of exploitation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "form-data: Unsafe random function in form-data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw does not affect host systems. The impact of this vulnerability is limited to specific applications which integrate the `form-data` library. As a result the impact of this CVE is limited on RedHat systems.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-7783"
},
{
"category": "external",
"summary": "RHBZ#2381959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-7783",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7783"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0",
"url": "https://github.com/form-data/form-data/commit/3d1723080e6577a66f17f163ecd345a21d8d0fd0"
},
{
"category": "external",
"summary": "https://github.com/form-data/form-data/security/advisories/GHSA-fjxv-7rqg-78g4",
"url": "https://github.com/form-data/form-data/security/advisories/GHSA-fjxv-7rqg-78g4"
}
],
"release_date": "2025-07-18T16:34:44.889000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "form-data: Unsafe random function in form-data"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-14104",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2025-12-05T14:16:36.004000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419369"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14104"
},
{
"category": "external",
"summary": "RHBZ#2419369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14104",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14104"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14104"
}
],
"release_date": "2025-12-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames"
},
{
"cve": "CVE-2025-26791",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2025-02-14T09:00:45.578144+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2345695"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This vulnerability allows attackers to execute mutation-based Cross-site scripting (mXSS) via an incorrect template literal regular expression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-26791"
},
{
"category": "external",
"summary": "RHBZ#2345695",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345695"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-26791",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-26791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-26791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-26791"
},
{
"category": "external",
"summary": "https://ensy.zip/posts/dompurify-323-bypass/",
"url": "https://ensy.zip/posts/dompurify-323-bypass/"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02",
"url": "https://github.com/cure53/DOMPurify/commit/d18ffcb554e0001748865da03ac75dd7829f0f02"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/releases/tag/3.2.4",
"url": "https://github.com/cure53/DOMPurify/releases/tag/3.2.4"
},
{
"category": "external",
"summary": "https://nsysean.github.io/posts/dompurify-323-bypass/",
"url": "https://nsysean.github.io/posts/dompurify-323-bypass/"
}
],
"release_date": "2025-02-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: Mutation XSS in DOMPurify Due to Improper Template Literal Handling"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-68429",
"cwe": {
"id": "CWE-538",
"name": "Insertion of Sensitive Information into Externally-Accessible File or Directory"
},
"discovery_date": "2025-12-17T23:03:29.948214+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2423460"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Storybook, a tool for building user interface components. This vulnerability can lead to the unintended exposure of sensitive information. When Storybook is built in a directory containing a `.env` file and then published online, environment variables from that file may be included in the publicly accessible build artifacts. This allows anyone with access to the published Storybook to view these potentially confidential variables.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Storybook: Storybook: Information disclosure via unexpected bundling of environment variables",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as it can lead to the unintended exposure of sensitive environment variables. This occurs when a Storybook project is built using the `storybook build` command in a directory containing a `.env` file, and the resulting bundle is subsequently published to a web-accessible location. Storybook instances built without `.env` files or run in development mode (`storybook dev`) are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"known_not_affected": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68429"
},
{
"category": "external",
"summary": "RHBZ#2423460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68429",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68429"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68429",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68429"
},
{
"category": "external",
"summary": "https://github.com/storybookjs/storybook/security/advisories/GHSA-8452-54wp-rmv6",
"url": "https://github.com/storybookjs/storybook/security/advisories/GHSA-8452-54wp-rmv6"
},
{
"category": "external",
"summary": "https://storybook.js.org/blog/security-advisory",
"url": "https://storybook.js.org/blog/security-advisory"
}
],
"release_date": "2025-12-17T22:26:55.732000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T12:56:05+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2737"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:1dc2620596822eb28fb997bc51ad2ecb352011e63f4c54fb650bc3e4c8009c4e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:25ba51881b0dbabd2911ec309a1aa881cfb8075605a6d50dac63751482a55d62_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:b219c4478e43d68d1a3f2bb9aa0ec16cd30d11587d48ab5952ac09b03771c396_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/grafana-rhel9@sha256:eca201d07c2a36e80e38d331ac5daf176ae85b6f36884bb6cb22df27dc14eb63_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5eb26c2ee619ea24d5fa836b1d34e18fcaf83ce5202f9cb5e57adc4c1860cedb_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:72e2a67c8f707d8c4c0657b2d69e47e3d426db857e8270330fcff59f7145f362_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:ad1d4a09a47b2770be8feffed6cf0b8da2305b0472515ebbb08ebda65d608e79_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f00d96629947fa7b290d75ed751bc3e6a514cee8545307f1685d05662b3257cb_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:2325f237ab329cb3f1d3db4da40ed19f68d6daa2a5902c71be3f0d3cfcadd503_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:bf39728adabe9f4c9b50eed0af81d3524ed655718a0e3f86fa1f77aa6ccdb4d2_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:c571ca5630d65b34f08776d61f6be269a5e819dd870a99530993adc50c19e43e_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-8-rhel9@sha256:ecd314ed5a994812d976dbccf0d3c4db54fadf5c1cba46d1fa0b2f0a1fd0e921_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:60f49f5b8bf2a681ee8fc8b5cd1351f70c1fe9a0052b4ec4806f6f5e996c14ad_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:9ed8cbcf7d72efc99c619dbebb4f0dc548ac574d76f321efd5bc077ab35051c7_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:e856a58e6720d1fb05988d53f5b5868f10407551f8dfffd8b27e30d683b79920_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:edb5ff30f3984733c7c778e06a05fedf562790e9b2baf7f91f23b84e3db1228f_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:224d90fd4efbf139fa0a8f37705af8556c89128d9fe9911de8a421877e920746_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:91606367539bd6d36ad256a49a14f94eb534de2ad28e894d18288d97612fda7c_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d287d7b9594acfc6c2a49e9734c4699a7f641a24c136af2a984ce91ea2c3bdb1_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:fe7eac5ba8577d0f36408c3f8be773c4e95ef57ded868a47cf80f669c51dca98_arm64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:064b805df36b0ce427e9aa04177bce9334b1f691f2d3f15e469b9b969ce34bd4_amd64",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:3a2e53f6ac97df7e08ea40464916bbb50edb2bbfd5623b1037a04a8cd7f80ee6_s390x",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:d19e8224bbbc5b8a5c4c4ce7e3f7406d93c7e8de87de638f20cd806bcb8049c0_ppc64le",
"Red Hat Ceph Storage 8:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:f31fe74f9dfb4a181358d4513573690c60fee2b3658472269239189374636a11_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Storybook: Storybook: Information disclosure via unexpected bundling of environment variables"
}
]
}
RHSA-2026:1730
Vulnerability from csaf_redhat - Published: 2026-02-02 15:52 - Updated: 2026-05-07 07:29Summary
Red Hat Security Advisory: Red Hat Quay 3.12.13
Severity
Important
Notes
Topic: Red Hat Quay 3.12.13 is now available with bug fixes.
Details: Quay 3.12.13
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
Before applying this update, make sure all previously released errata relevant
to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:1730
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.12.13 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.12.13",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1730",
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1730.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.12.13",
"tracking": {
"current_release_date": "2026-05-07T07:29:42+00:00",
"generator": {
"date": "2026-05-07T07:29:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:1730",
"initial_release_date": "2026-02-02T15:52:56+00:00",
"revision_history": [
{
"date": "2026-02-02T15:52:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T15:52:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:29:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.12",
"product": {
"name": "Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ae82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769852013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769466677"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769810112"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769812327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769811895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769718571"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1769000026"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769852013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3Ad6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769802588"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769466677"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Aedc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769810760"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Acc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769810112"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Acd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769812327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Af2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769811895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769718571"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769855900"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Af5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769000026"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769852013"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769466677"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769810112"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Aed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769812327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769811895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769718571"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1769000026"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769466677"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ae8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769810112"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Aa1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769812327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769811895"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769718571"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Af2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769000026"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Af58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1769852013"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T15:52:56+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:056dc564e4f8ee5ee816c008b962ca6e2de3b3e86c60fd2805654b6054948caa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:24eeadd822f6f30c5e587e9d3eba06f1856a2c2e9f47daf4bad706146f50382a_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:338cd06dcc742eb7f37b3ca02ff6c5902630e1466ce3dc6b73b49c1b2b8562fa_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:92e8d6d910fa92fb05e4e0a8046b03090643509fe2a67f8efc8e1bb2b93aba10_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:edc72269317914b4612ffe859a558a886b5a244d99c016896b126f1dd35fb299_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:11c27678e7d181621669548757d07cc9ed5be4e55043d4676fd4a2fb41433498_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1f9c64d9e2b9c6c1ae2fc5d00c83498a9bb8db3a0cf5fd3545a49cce65a998ef_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cc4a64957a3e97ee564e895c50d451dd0cd472ea635a258db2ea3a0bac83e242_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:e8980b92b3c6c5fe6cb076121faba33f0c70bb980e349172c0d3732c52ab8c09_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:47e327e54e2dfd7b990a196e8864262ff2ce94e760caa96a163f44fb51119f18_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a1f93c08e02b3b2651f50bcdb8297a66a4f8a5221284f30c9a3a65a14784c824_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:cd984016e01cde762b5958b8e7f8ea9f17828348104f074424a3ed14604a2544_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:ed9b563d9a2133239537b37954bbba96ba6e17f9f64d899cfd51688b9bed040a_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3b19f8efe886a379fcad216b583de6c962a231159020f363323d531c330350de_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:53c55f81a10b84f6c7756a98c30f6c018736d8691440408ded75a9d60d20abd7_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:907981736598e7544bebfc8d174fea92cc9a7769d649cbe8ce3cc296e6953856_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:f2f9b7f06fe1847d49a1d94069e1052b021f2169fb036f2b886f2f70859914de_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:d6728285a5552f62e96c93eb5b0eba181582890c4fce1a0b56758d2b3c4bbdcd_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:39a26364fc2794512c6862fd0333df158d8301ca82eabf53959561fc39fbbe0f_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:412a23db39debcda082d6d85807a7983aa474e3eea8f6780c619d0b371af16ae_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5e8ae98348f50d6a50ff31a3b099afb84109ea0892b9408d16f6f32b0b657048_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:63e2f0159c3521ea5d908f331979836af72c32f18104bcf915feab123e294dd1_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:6e048b97ef55a2ad081250608152c08613075713d9b10d7558becfb19ded8e45_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:19951763d79334b5e566c8d9b5acf9524268d1e5864a574632363cf540678184_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:86224e8f5d9f5ede57e90166cde9802c1ef956737b711935b9269b387ea5b68b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f2c4a003335692f84e68cb660d61581a68c89607ec92fca9ca08a7e98efc8c63_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f5050789c44ce9c4de52aa34acf375efe97708a313280e395e34a6d306e5d1e0_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:03a485b1c02f5155f22c7820c166889b3f7d7b479892bb4d106432fa2dbf217b_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:117876c6c6a12beb25983da60c8c1628f350a1797888b9f03c44b9dd737844fa_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:e82aac09336b0a36d5bc896826891ec41714ea1e05aac345a49abc4915b255ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:f58b0c52270707e15747b431520150641019c9b215e864c8dfe8dec1f6e94caf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
}
]
}
RHSA-2026:2695
Vulnerability from csaf_redhat - Published: 2026-02-12 22:43 - Updated: 2026-05-07 07:29Summary
Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift AI.
Details: Release of RHOAI 2.25.2 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user’s Llama Stack instance and potentially view or manipulate sensitive data.
8.1 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in Hugging Face Accelerate. A remote attacker can achieve arbitrary code execution by exploiting a deserialization of untrusted data vulnerability. This occurs when the target visits a malicious page or opens a malicious file, leading to improper validation of user-supplied data during the parsing of checkpoints. Successful exploitation allows the attacker to execute code in the context of the current process.
7.8 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
To mitigate this issue, users should avoid processing untrusted checkpoint files or visiting untrusted web pages with applications utilizing Hugging Face Accelerate. Restricting the sources of input data for affected components can significantly reduce the attack surface. No service restart is required for this operational control.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
This vulnerability in fontTools varLib allows a crafted .designspace file to trigger arbitrary file writes and XML-based content injection during variable-font generation. Because filenames are not sanitized, an attacker can use path traversal to overwrite files anywhere on the filesystem, and malicious payloads embedded in XML labelname elements can be injected directly into the generated output. When these overwritten files reside in executable or web-served locations, this can enable local remote-code execution or corruption of application or configuration files. The issue affects the varLib CLI and any code that invokes fontTools.varLib.main().
6.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
To mitigate this issue, avoid processing untrusted .designspace files with the fontTools varLib script or any application that invokes fontTools.varLib.main(). Restrict the execution environment of processes handling .designspace files to minimize potential impact from arbitrary file writes. If the fonttools package is not required, consider removing it.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.
8.3 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.
A flaw was found in KEDA, a Kubernetes-based Event Driven Autoscaling component. This arbitrary file read vulnerability allows an attacker with permissions to create or modify a TriggerAuthentication resource to read any file from the node's filesystem where the KEDA pod resides. This is due to insufficient path validation when handling Service Account Tokens during HashiCorp Vault authentication. Successful exploitation can lead to the exfiltration of sensitive system information, such as secrets or configuration files.
7.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2695
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.25.2 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2695",
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12805",
"url": "https://access.redhat.com/security/cve/CVE-2025-12805"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-14925",
"url": "https://access.redhat.com/security/cve/CVE-2025-14925"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66034",
"url": "https://access.redhat.com/security/cve/CVE-2025-66034"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66626",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68476",
"url": "https://access.redhat.com/security/cve/CVE-2025-68476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2695.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-05-07T07:29:46+00:00",
"generator": {
"date": "2026-05-07T07:29:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:2695",
"initial_release_date": "2026-02-12T22:43:13+00:00",
"revision_history": [
{
"date": "2026-02-12T22:43:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-12T22:43:22+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:29:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.25",
"product": {
"name": "Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.25::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Aeedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770825519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3Aa15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770641923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281700"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3A56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770642057"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770624309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770358847"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3Ae94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297362"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770326269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3Ab84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281702"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313681"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cpu-rhel9@sha256%3Abab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770816984"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel9@sha256%3A2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3Ace1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770641923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3A42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3A04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282201"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3Ac51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281698"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3Acf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281700"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel9@sha256%3A7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770786164"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3A633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-k8s-operator-rhel9@sha256%3Ae8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770788315"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3Aade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3A820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296001"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3Af01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770295985"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3A7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770786633"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3A9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3A5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297372"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel9@sha256%3Aaf7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296950"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3Af9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770642057"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770624309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770358847"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3Aeb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297362"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770326269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel9@sha256%3A4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770298324"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel9@sha256%3Aef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3A3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770341154"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281702"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-openvino-model-server-rhel9@sha256%3A84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770621450"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770828479"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3A53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770825519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3Aba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313681"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel9@sha256%3A53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770641923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3A56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3A33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282201"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281698"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281700"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel9@sha256%3A2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770786164"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Aff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-k8s-operator-rhel9@sha256%3A1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770788315"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3A8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3A3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296001"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3A8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770295985"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3A1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770786633"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Af0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3A3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297372"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel9@sha256%3Acf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296950"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770642057"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3Ae7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770624309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3Aa7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770358847"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297362"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770326269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel9@sha256%3Aa26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770298324"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel9@sha256%3A1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3A83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770341154"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281702"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3A890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770825519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3A4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3Ab7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313681"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770641923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3A84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281866"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3Ad2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282201"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281698"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281700"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3A3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770282006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3A5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3Ad9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296001"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3A95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770295985"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3A68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770786633"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3A1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770296052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3Af441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297372"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770642057"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770624309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770358847"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770297362"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770326269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770281702"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3A9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770825519"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3A12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3Ad29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770313681"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cpu-rhel9@sha256%3A5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770816984"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12805",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2025-11-06T13:38:39.035000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413101"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user\u2019s Llama Stack instance and potentially view or manipulate sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT flaw in Red Hat OpenShift AI (RHOAI). The `llama-stack-operator` fails to implement a `NetworkPolicy`, enabling unauthorized access to Llama Stack services across different namespaces. This allows users to potentially view or manipulate sensitive data belonging to other users within the same RHOAI instance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12805"
},
{
"category": "external",
"summary": "RHBZ#2413101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413101"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12805"
}
],
"release_date": "2025-12-31T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-14925",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2025-12-23T22:03:38.271814+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2424745"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Hugging Face Accelerate. A remote attacker can achieve arbitrary code execution by exploiting a deserialization of untrusted data vulnerability. This occurs when the target visits a malicious page or opens a malicious file, leading to improper validation of user-supplied data during the parsing of checkpoints. Successful exploitation allows the attacker to execute code in the context of the current process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "accelerate: Hugging Face Accelerate: Remote Code Execution via Deserialization of Untrusted Data",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products as it allows remote code execution via deserialization of untrusted data in Hugging Face Accelerate. Exploitation requires user interaction, where a target must open a specially crafted malicious file or visit a malicious page. This flaw affects components within Red Hat AI Inference Server, OpenShift Lightspeed, Red Hat Enterprise Linux AI, and Red Hat OpenShift AI.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-14925"
},
{
"category": "external",
"summary": "RHBZ#2424745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424745"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-14925",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14925"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-14925",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-14925"
},
{
"category": "external",
"summary": "https://www.zerodayinitiative.com/advisories/ZDI-25-1140/",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-1140/"
}
],
"release_date": "2025-12-23T21:05:07.497000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted checkpoint files or visiting untrusted web pages with applications utilizing Hugging Face Accelerate. Restricting the sources of input data for affected components can significantly reduce the attack surface. No service restart is required for this operational control.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "accelerate: Hugging Face Accelerate: Remote Code Execution via Deserialization of Untrusted Data"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-66034",
"cwe": {
"id": "CWE-91",
"name": "XML Injection (aka Blind XPath Injection)"
},
"discovery_date": "2025-11-29T02:01:04.281026+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417780"
}
],
"notes": [
{
"category": "description",
"text": "This vulnerability in fontTools varLib allows a crafted .designspace file to trigger arbitrary file writes and XML-based content injection during variable-font generation. Because filenames are not sanitized, an attacker can use path traversal to overwrite files anywhere on the filesystem, and malicious payloads embedded in XML labelname elements can be injected directly into the generated output. When these overwritten files reside in executable or web-served locations, this can enable local remote-code execution or corruption of application or configuration files. The issue affects the varLib CLI and any code that invokes fontTools.varLib.main().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fonttools: fontTools: Arbitrary file write leading to remote code execution via malicious .designspace file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is rated Moderate rather than Important because the exploitability hinges on several limiting technical factors despite the high integrity impact. The arbitrary file-write and XML-injection pathways are only reachable when a user or automated workflow locally processes a malicious .designspace file, giving the flaw a local attack vector (AV:L) and requiring explicit user interaction (UI:R)\u2014meaning an attacker cannot trigger it remotely over the network. The attack also involves high complexity (AC:H), as it depends on crafted designspace structures, controlled font sources, and specific invocation of fonttools varLib or code that directly calls varLib.main(). Additionally, the vulnerability does not expose confidentiality, and availability effects are limited to potential file corruption. These constraints significantly narrow real-world exposure, keeping the risk profile in the Moderate range despite the possibility of high local integrity impact when exploited.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66034"
},
{
"category": "external",
"summary": "RHBZ#2417780",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417780"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66034",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66034"
},
{
"category": "external",
"summary": "https://github.com/fonttools/fonttools/commit/a696d5ba93270d5954f98e7cab5ddca8a02c1e32",
"url": "https://github.com/fonttools/fonttools/commit/a696d5ba93270d5954f98e7cab5ddca8a02c1e32"
},
{
"category": "external",
"summary": "https://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv",
"url": "https://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv"
}
],
"release_date": "2025-11-29T01:07:12.193000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid processing untrusted .designspace files with the fontTools varLib script or any application that invokes fontTools.varLib.main(). Restrict the execution environment of processes handling .designspace files to minimize potential impact from arbitrary file writes. If the fonttools package is not required, consider removing it.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fonttools: fontTools: Arbitrary file write leading to remote code execution via malicious .designspace file"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66626",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2025-12-09T21:01:10.560389+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420818"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this issue as High severity (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H, 8.3) because an attacker with basic workflow submission privileges can supply a specially crafted archive that is automatically extracted without proper validation. The attack complexity is low and does not require user interaction once the malicious workflow is submitted. Successful exploitation allows arbitrary file overwrite within the affected pod, including critical execution files, which can result in code execution at pod startup. While the impact is generally limited to the compromised pod and does not directly lead to host-level compromise, the integrity and availability impacts within the container are significant, justifying a High severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "RHBZ#2420818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66626",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66626"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-p84v-gxvw-73pf",
"url": "https://github.com/advisories/GHSA-p84v-gxvw-73pf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037",
"url": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1",
"url": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh",
"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh"
}
],
"release_date": "2025-12-09T20:19:14.680000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links"
},
{
"cve": "CVE-2025-68156",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-16T19:01:42.049157+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422891"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products utilizing the `Expr` Go library because it can lead to a denial-of-service. Exploitation requires an application to evaluate expressions against untrusted or insufficiently validated data structures containing deeply nested or cyclic references, which can cause a stack overflow and application crash. Products that do not process untrusted input with `Expr` are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "RHBZ#2422891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/pull/870",
"url": "https://github.com/expr-lang/expr/pull/870"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6",
"url": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6"
}
],
"release_date": "2025-12-16T18:24:11.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation"
},
{
"cve": "CVE-2025-68476",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-12-22T22:03:38.850390+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2424509"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in KEDA, a Kubernetes-based Event Driven Autoscaling component. This arbitrary file read vulnerability allows an attacker with permissions to create or modify a TriggerAuthentication resource to read any file from the node\u0027s filesystem where the KEDA pod resides. This is due to insufficient path validation when handling Service Account Tokens during HashiCorp Vault authentication. Successful exploitation can lead to the exfiltration of sensitive system information, such as secrets or configuration files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/kedacore/keda: KEDA: Arbitrary file read vulnerability in Vault authentication",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important because an attacker with permissions to create or modify a KEDA TriggerAuthentication resource can perform arbitrary file reads from the node\u0027s filesystem. This impacts Red Hat OpenShift products that utilize KEDA with HashiCorp Vault authentication.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68476"
},
{
"category": "external",
"summary": "RHBZ#2424509",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2424509"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68476",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68476"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68476",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68476"
},
{
"category": "external",
"summary": "https://github.com/kedacore/keda/commit/15c5677f65f809b9b6b59a52f4cf793db0a510fd",
"url": "https://github.com/kedacore/keda/commit/15c5677f65f809b9b6b59a52f4cf793db0a510fd"
},
{
"category": "external",
"summary": "https://github.com/kedacore/keda/security/advisories/GHSA-c4p6-qg4m-9jmr",
"url": "https://github.com/kedacore/keda/security/advisories/GHSA-c4p6-qg4m-9jmr"
}
],
"release_date": "2025-12-22T21:35:00.480000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/kedacore/keda: KEDA: Arbitrary file read vulnerability in Vault authentication"
},
{
"cve": "CVE-2025-69223",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-06T20:01:19.831548+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427456"
}
],
"notes": [
{
"category": "description",
"text": "A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host\u0027s memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "RHBZ#2427456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69223",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a",
"url": "https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a"
},
{
"category": "external",
"summary": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg",
"url": "https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg"
}
],
"release_date": "2026-01-05T22:00:17.715000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "aiohttp: AIOHTTP\u0027s HTTP Parser auto_decompress feature is vulnerable to zip bomb"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T22:43:13+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2695"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:2c98b3b933276dbcead1fde142bfcd3f130d89e6812c6b433da7eed650ae2dbc_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:53c79641084ebe6c98274b31e34cc1a759b1443b96cf7dc45317008a30b1fc8d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4333242b1f6f25f8656bd612870d02868f3724d80cf542c8d78ada49a8ad9cb2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:4519eccf48b1f2393bab39980fadde7e398cfff1933b78e9565029f95296ff05_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:a15b54532e9e06d91abce8fd7becf2aa3bfbce56f231036e25e9ffed15760f74_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:ce1e29736422aa55f1a3837fc38a365fbc1096d58b6794cca84ff907da273917_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:42f631d436d62d7399ca3ef8fd89a334c7839823c8e6ffafe2cdd32ee36493bb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:56615395c62e26f3ef9bd267c0d5245331b8c67508df4bd8bbc83d72c4ef3b99_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:84a87320bee17439c05d2c6a1edf3b7e83b2f7ebfdd850399d12635e58da4d55_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:04a821296c01da5155ab36d9381b962866c26e9c7516f321ffe440b7fa13b4c5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:33aaad4cc22d1e2998e4710cc644f4032bec8f140e5236fdc83d520a869626ef_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:d2cb739f949dc4ec9617bb9470a8482a8011077043e06e735ab0c9d7d1cac381_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:12d3d74ffbd7eb3a4817952835ab9bf5b89edf4fc9af661a28ec009f3251a519_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:1fb43684436f6b55152aab553177df048d5bb267c5efbc61f0f27cdbb0848957_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:c51fe06b557fa20d78af7b12cf6c6ddc3227f44f3957a52f3037c25700cfadb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:1e1d5fad0aecf93b79b21112360aa0c308654c5b5df829cd3144488f8e217af4_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:72f613c382aac012e2e79e800df50c210f41693cc2aaa5b99cb28ab38f1966c8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7f027d05df255e62828ab28d5f188655fc125bc4ead872c7a33cedaf47b12f8c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:cf586b7cb58dff92e7f31b8b9ebe5c971e55c67b8ba2c3320d2b71183c88fc7c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:2df297674884e6ac297bae685f80741489ddf1e1d0ae1d5ec354917dff1acdda_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:7af31fef4a2269c2cf444420048ea644c9949714e9a63417fe6d7288abee457b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:3ca10a19a0706af65bb590403adad92114810bf0ac64a89d6ac1d862e4cec671_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:56a321957afd15d357c8b53fc50299c0811981e8b925e64858dc7c4cfcea1993_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:633bfd24f1396c150b5902407879e7b26e7681074772fbbfeccc4d48cbe77b19_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:ff09ee957797fa15208f9130e246ae006c385cc799573a71d31aff9ddf0e805d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:1d258fe98c2477e4256a9b936f412f2501fb7ca9e3b810347f9712e0d5ce5c92_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:e8ccea3bfafbde4d5b91cc7b7732b2b64d6aa08499b5ca63b4d8f1e980291351_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:5bd1065dca1978c49c0143e2be4e921465c6a67fa786ab2a9254f0790259096e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:8b34aaf5a7729ef1ccd01f2b1b1e3439b304343f3403de67f68255015206fbf4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:ade80e2ecb6fa56c20539e11677c29e57a1e20b5ce60f8414fd8ff3e83c9bc28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:3439c67a60c8323eb88f0181e8f811e5bdd7b51169f8b8cc687ab2148d1bfabe_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:820fd80dbce2d9d9cdf38989ce84ee5601e862786a732ad108fc319e28131944_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:d9a6959a71074ffc5ec0fa324af389fbd8277efbd22a827cef8a439b18cd2bcf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:8e9dbdc213745aa0990f47e50b1d899ac2121951b9346420131d76cc393a493a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:95ca9b1ecee8f11d6edabd7af76f60d2987df91d11fd0fb4c6578df735717422_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:f01860f904557f887d8aafe42143c63352d6cb496dc727c265f14e3c2d296e06_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:1c76d957c8588ea2987d4b551bbefc2ef07c546cbaeb3148caff06f640b35ade_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:68e9797f37f8e4de817ee4e1cba7d583b541db2373c5d250ccc3344820720b85_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:7f362050312693129d3a15b6eed4fa06576d6529a99bc864f273c55145ae14ec_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:114fd9b55f5ea28a16c3fe2eef773a4cb4693c1885ef6193399cfea278191acb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:6490c1848b373efe6c327f8959e06b66b1ac3fe0f90fa697f7309d9f48c66765_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:816d8f81196bb0acfe5bbc792f9768916724bdecea3671172412eeb6948c4ff7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:1e66abc3373c50b5ef69b0c63bf877a978e3aa0a368630973cf0a2be7374becf_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:9c061b939c8094f4939cd183da381ad8e49d878cc2fdd373b8d26eecae07ab6d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f0511f3768e51b6801b66c91b302010e6197facb71a0b7777c4d3ad3039b6c88_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:3e70ae3e8b5f776ad3e2a184a1f2f572de5c46386f34edb99e2b9d1d9249ae41_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:5924a7e64d6031aa926f9ecb9ee3be30d8251c4705813a9bef6716d18b7411b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:f441a07265d87fb59ee375723e98fbc9af5f3fd5a2c09761692b0e271205f0bb_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:af7bbec8e30b0e0d8393fe1e2bd656d7630b7c9828536be6664fa848fac61505_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:cf4e879101bc4e3666649dda0926de8bbd95e641dc6832c29dc457128256eb6c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:331f8435e1bd3dec98947a24346873d09056e37e2d7ed83a463098dbf9f31a47_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:5e83e352d083892699338da3fa4c9b8218561e7167b4dff102d22e401cbc7f75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:86ca44b014be65651b83a49a38c0784dee640b491b935e3ed5f3d49d84d55362_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f9ee33c1c4d7f2a872861c9ad1dbb78ba8fed3ab562ae90f12f06a892147e367_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0ea603487b204f43ebddb1514500cdeaa02a0b763a627e4e10979deec60b7d28_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:29ff94de29714044377d060db9ad47f151afec858c8fc127c94ff04adbb984b7_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:2b6c00ee23df974d22c185b592ef4d7babbb76bcadc129a04c869f9983630103_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:e7c4da685e08c79d5b49e9f12ff5efa7cc7d9e26a03c91ab19f86c99e9f4ac23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:25077a998c7b6ec7e8122026f2152419a0efe293a00899bb745a66a57f913848_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:5178d3800d74d84a6282a7ddc888eea9b81d62c8a385ad57bb742fa28fb0f575_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:9070f6741e667a4a145ede8dc67d4f7545944ef5fe4937fdcb1a08e9f537e068_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:a7efdef6ef06af0aa97de86ebd0c0ccfc316719195289dfa835261da53b06589_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2dd15cd61e1e5d98791a68bb513572b82ce5d799dd3fa864d43a8134536b19ff_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:37938821d832d7b957aa6f9b4a468c0eed785625c2bb8257726b4dc094bab9bd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:e94a31493c7207846ab5d13387311e9a6d99ffa7885d1b8faa8602750059c2a3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:eb0500f30373c5bcf3e10e27b081f97e5ce8b29a71dde9ff9b7e1066fd5dd80e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:22c745e5d04f7a0d9b188bf6657b1de053c61d99d813f11f6819550ef2a96732_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:49495dd44b7956a5e1bed226a896be649a07cd1b1f915de31d39041a77f6cdb5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:741b836350d9ec48109468382c81066f401ebb4712ca414d44e3042894111419_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:9cf7f5bdebf6b53fce9cfed4fe530c380f36bb1d60120b53c06043371863d4e6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:3dd54b885e3d63e5882284bf4878aa723c1fef6833601ed5d5a091b6b74c68d1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:83f773633a864b707c7e371bd554f79622b999a1ecef4b1cd368e0dd72b7a9ad_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:4a356900b1daca75092b8eac5c1d16f38703941caebba5ddec48120e854bd7e9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:a26699523e44b43a0f237ee664b3574cbea8d11576bd4bc884c3766c0effb8df_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:1a85e42e32534b58410c519b4d8f7d84fe6ff96567612f18f4bd558fa3c895a6_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef72689e332c4e224a80603ffbcc1603cdf8fe4230b9fd60e7713f0b5c2d5045_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:1c15c95b65bfbcc620d4d429431eabca8f4714d32a38aa68cb15c549e1a6ce4c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:659acd52802b6f2300c223bcde827f1d9b80ac9a93fdb6f574fcb5a08b92607c_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:6f44d3b3973c34677d347a67841dbfabd23817de1b5c26967f1b9952c27b48c8_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:b84eb1329e837895ca50d3284553e195918fefc71bdb9dc2550a90b2d927b6eb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:84739168d6ea2813c5b9666773166649a6b328a279dac80b61c51311a6a2943a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:74968eea50e067a335e830cfde6d8bf3cd130a9eba77ce918e25e252b7c1541e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:53a8389250e59e7c9f5a9a61914cac361946b256132649bd45f775c8f36b486a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:890b0e4467cdfd68985af367a6d015ff7e92a2b6a1f46e2c2bf233c3d621f1a8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:9f667eb88f5b085ec40b8b06e5f42cf6a0ced0913d7d2b0402cd0472eb4b428c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:eedab7e6fd4adb2bd697e8cbcbd6703291d9fe5d2a3a048e8c34d9529586c93a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:12ac94419811458fb309d417091e279d485c4a665899d3a7d3157b8b32c1b03d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:4318d360c3a968ee79ef68979105ee5ffb93137757a3b4a6c42c15e6cf6b11ba_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:ba6188d3d284f030f90e117c87501a8d08c4b356383429ad39806472113aa41b_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:05c7ffbd4dfa1f6ef760ed86f142d84d4c42583fa0b747eedc234763bef74ebb_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:883f4ae255413c1409d3fb607f91fdf13badf534c5e8f78d9905c8da69cdeeed_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:b7f375f2f1f4eb828ee8255143143385c4662aab967c007a89954903c8a7c27f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:d29d106e6c0f6a3ae971903a16cf4a564950bcf5336219eb6665cae98b824d33_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:5a2db37676e0f0b05fe2a8c5f82bb489ff3c8dd80f94b9fb3540488ab39ff6ca_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:bab28cfa3596192875dbf305a4ed7432db0ebebec604053d30895931818740cd_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:5807
Vulnerability from csaf_redhat - Published: 2026-03-25 12:32 - Updated: 2026-05-07 07:50Summary
Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift AI.
Details: Release of RHOAI 2.16.4 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
The system administrator on the host can manually chmod the directories to not
have group or world accessible permissions:
```
chmod 700 /var/lib/containerd
chmod 700 /run/containerd/io.containerd.grpc.v1.cri
chmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim
```
An alternative mitigation would be to run containerd in rootless mode.
A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod's terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.
5.9 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
A path traversal flaw has been discovered in the keras Python library. when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder.
8.3 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A path traversal flaw has been discovered in Keras. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory.
7.6 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.
8.3 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fastify, a web framework for Node.js. A remote attacker can exploit a validation bypass vulnerability by appending a tab character followed by arbitrary content to the Content-Type header. This circumvents the request body validation schemas, allowing the server to process the body as the original content type without proper validation. This could lead to unexpected data processing and potential integrity impact.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:5807
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.16.4 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:5807",
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12060",
"url": "https://access.redhat.com/security/cve/CVE-2025-12060"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12638",
"url": "https://access.redhat.com/security/cve/CVE-2025-12638"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6193",
"url": "https://access.redhat.com/security/cve/CVE-2025-6193"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66626",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25223",
"url": "https://access.redhat.com/security/cve/CVE-2026-25223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25639",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_5807.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.16.4 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-05-07T07:50:17+00:00",
"generator": {
"date": "2026-05-07T07:50:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:5807",
"initial_release_date": "2026-03-25T12:32:51+00:00",
"revision_history": [
{
"date": "2026-03-25T12:32:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-25T12:33:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:50:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.16",
"product": {
"name": "Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel8@sha256%3Ab68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282100"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel8@sha256%3A022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel8@sha256%3Afd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282136"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256%3A4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774288148"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel8@sha256%3A64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel8@sha256%3Ab26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282201"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel8@sha256%3A9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282134"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel8@sha256%3Af38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282087"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel8@sha256%3Ac46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282268"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel8@sha256%3A0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel8@sha256%3Ab82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256%3A9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282159"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256%3A87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282202"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel8@sha256%3A07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774283932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel8@sha256%3Aace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282095"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel8@sha256%3Aa880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774286327"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel8@sha256%3A8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282093"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel8@sha256%3A14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel8@sha256%3Aa291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774283191"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel8@sha256%3Aae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282244"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel8@sha256%3Aabdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282058"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel8@sha256%3Aaa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774296584"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel8-operator@sha256%3A2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774293140"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel8@sha256%3A6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282093"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel8@sha256%3A297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774285579"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel8@sha256%3A92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1774282073"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64 as a component of Red Hat OpenShift AI 2.16",
"product_id": "Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-6193",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-06-20T14:05:07.010000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2374032"
}
],
"notes": [
{
"category": "description",
"text": "A command injection vulnerability was discovered in the TrustyAI Explainability toolkit. Arbitrary commands placed in certain fields of a LMEValJob custom resource (CR) may be executed in the LMEvalJob pod\u0027s terminal. This issue can be exploited via a maliciously crafted LMEvalJob by a user with permissions to deploy a CR.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "trustyai-explainability: command injection via LMEvalJob CR",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6193"
},
{
"category": "external",
"summary": "RHBZ#2374032",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374032"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6193",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6193"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6193",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6193"
},
{
"category": "external",
"summary": "https://github.com/trustyai-explainability/trustyai-service-operator/pull/504",
"url": "https://github.com/trustyai-explainability/trustyai-service-operator/pull/504"
}
],
"release_date": "2025-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "trustyai-explainability: command injection via LMEvalJob CR"
},
{
"cve": "CVE-2025-12060",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-10-30T18:01:32.193676+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407443"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the keras Python library. when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python\u0027s tarfile.extractall function without the filter=\"data\" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keras: Keras Path Traversal Vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12060"
},
{
"category": "external",
"summary": "RHBZ#2407443",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407443"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12060"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12060",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12060"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/pull/21760",
"url": "https://github.com/keras-team/keras/pull/21760"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9",
"url": "https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9"
}
],
"release_date": "2025-10-30T17:10:43.868000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keras: Keras Path Traversal Vulnerability"
},
{
"cve": "CVE-2025-12638",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2025-11-28T15:01:10.693633+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417711"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in Keras. The vulnerability arises because the function uses Python\u0027s tarfile.extractall() method without the security-critical filter=\u0027data\u0027 parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keras: Path Traversal Vulnerability in keras",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12638"
},
{
"category": "external",
"summary": "RHBZ#2417711",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417711"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12638",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12638"
},
{
"category": "external",
"summary": "https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951",
"url": "https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4",
"url": "https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4"
}
],
"release_date": "2025-11-28T14:06:02.069000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "keras: Path Traversal Vulnerability in keras"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66626",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2025-12-09T21:01:10.560389+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420818"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Product Security has rated this issue as High severity (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H, 8.3) because an attacker with basic workflow submission privileges can supply a specially crafted archive that is automatically extracted without proper validation. The attack complexity is low and does not require user interaction once the malicious workflow is submitted. Successful exploitation allows arbitrary file overwrite within the affected pod, including critical execution files, which can result in code execution at pod startup. While the impact is generally limited to the compromised pod and does not directly lead to host-level compromise, the integrity and availability impacts within the container are significant, justifying a High severity rating.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "RHBZ#2420818",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420818"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66626",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66626"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-p84v-gxvw-73pf",
"url": "https://github.com/advisories/GHSA-p84v-gxvw-73pf"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037",
"url": "https://github.com/argoproj/argo-workflows/blob/5291e0b01f94ba864f96f795bb500f2cfc5ad799/workflow/executor/executor.go#L1034-L1037"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1",
"url": "https://github.com/argoproj/argo-workflows/commit/6b92af23f35aed4d4de8b04adcaf19d68f006de1"
},
{
"category": "external",
"summary": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh",
"url": "https://github.com/argoproj/argo-workflows/security/advisories/GHSA-xrqc-7xgx-c9vh"
}
],
"release_date": "2025-12-09T20:19:14.680000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/argoproj/argo-workflows: argoproj/argo-workflows is vulnerable to RCE via ZipSlip and symbolic links"
},
{
"cve": "CVE-2025-68156",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-16T19:01:42.049157+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2422891"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products utilizing the `Expr` Go library because it can lead to a denial-of-service. Exploitation requires an application to evaluate expressions against untrusted or insufficiently validated data structures containing deeply nested or cyclic references, which can cause a stack overflow and application crash. Products that do not process untrusted input with `Expr` are not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "RHBZ#2422891",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422891"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68156",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/pull/870",
"url": "https://github.com/expr-lang/expr/pull/870"
},
{
"category": "external",
"summary": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6",
"url": "https://github.com/expr-lang/expr/security/advisories/GHSA-cfpf-hrx2-8rv6"
}
],
"release_date": "2025-12-16T18:24:11.648000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/expr-lang/expr: Expr: Denial of Service via uncontrolled recursion in expression evaluation"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"cve": "CVE-2026-25223",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2026-02-03T22:01:19.884891+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2436560"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fastify, a web framework for Node.js. A remote attacker can exploit a validation bypass vulnerability by appending a tab character followed by arbitrary content to the Content-Type header. This circumvents the request body validation schemas, allowing the server to process the body as the original content type without proper validation. This could lead to unexpected data processing and potential integrity impact.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT vulnerability in Fastify, a Node.js web framework, allows remote attackers to bypass request body validation by manipulating the Content-Type header. This can lead to unexpected data processing and integrity issues in applications. Red Hat products such as Red Hat Enterprise Linux AI, Red Hat OpenShift AI, and Red Hat OpenShift Dev Spaces are affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25223"
},
{
"category": "external",
"summary": "RHBZ#2436560",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2436560"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25223",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25223"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25223",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25223"
},
{
"category": "external",
"summary": "https://fastify.dev/docs/latest/Reference/Validation-and-Serialization",
"url": "https://fastify.dev/docs/latest/Reference/Validation-and-Serialization"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/content-type-parser.js#L125",
"url": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/content-type-parser.js#L125"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/validation.js#L272",
"url": "https://github.com/fastify/fastify/blob/759e9787b5669abf953068e42a17bffba7521348/lib/validation.js#L272"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/commit/32d7b6add39ddf082d92579a58bea7018c5ac821",
"url": "https://github.com/fastify/fastify/commit/32d7b6add39ddf082d92579a58bea7018c5ac821"
},
{
"category": "external",
"summary": "https://github.com/fastify/fastify/security/advisories/GHSA-jx2c-rxcm-jvmq",
"url": "https://github.com/fastify/fastify/security/advisories/GHSA-jx2c-rxcm-jvmq"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3464114",
"url": "https://hackerone.com/reports/3464114"
}
],
"release_date": "2026-02-03T21:21:40.268000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Fastify: Fastify: Validation bypass due to malformed Content-Type header leading to integrity impact"
},
{
"cve": "CVE-2026-25639",
"cwe": {
"id": "CWE-1287",
"name": "Improper Validation of Specified Type of Input"
},
"discovery_date": "2026-02-09T21:00:49.280114+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2438237"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "RHBZ#2438237",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2438237"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57",
"url": "https://github.com/axios/axios/commit/28c721588c7a77e7503d0a434e016f852c597b57"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.13.5",
"url": "https://github.com/axios/axios/releases/tag/v1.13.5"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433",
"url": "https://github.com/axios/axios/security/advisories/GHSA-43fc-jf86-j433"
}
],
"release_date": "2026-02-09T20:11:22.374000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios affected by Denial of Service via __proto__ Key in mergeConfig"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-25T12:32:51+00:00",
"details": "For Red Hat OpenShift AI 2.16.4 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-codeflare-operator-rhel8@sha256:b68b73951beeabe942be43f65e778ff98e1cdfc6fdb4b052794f0cd4b191b819_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-dashboard-rhel8@sha256:022c21f044dead0ff28bfc5fb5fb2fd51f3ed8e1a6cfc90bd18222abf0388018_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel8@sha256:fd02f0f70e38c947cdc307be3d9660f87262d92c5a361fa1bf68f24a72c91476_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8@sha256:4e77720ec7972239d2b5198afc01ebd5dd777a1f75c2d19dbfeeb44f7adf729c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel8@sha256:64b60a2fcfb9806422127db0a7c42f665fa41f47cbe8fe2b98c6bc20b6a1bf28_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel8@sha256:b26f5118ae8e7e25783233698fe0d5df1e56cde8d75f745204d9f78c4d838412_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel8@sha256:9855fe0311c11b91fa38d205a65c0ad41b9447267408b3e7eb8f9b4c1d727acf_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-kueue-controller-rhel8@sha256:f38932929d45522b0cfd9e2dd87682a3495688aad859b3a8dac51398860e0e95_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel8@sha256:c46e2392d44830fc612d1dc41ed953352dadcef696bc50a848d2cc5de694e1ca_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel8@sha256:0a30729330611926e635ec292bac2f5b7ce9f677aaff7f84b23549b2bbbd506d_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel8@sha256:b82bbdac9d911544af8bc55ce7e688610be23cf6c31676af30fea76e3613d125_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel8@sha256:9cfe909d46447d1dad8fd6a2319873d43b680b260d31f009eb086e22ad706f16_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel8@sha256:87129d071d526f8e4fe597f23ea169bf3920e0d52b7a7698e8c5685ef84b8f4a_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel8@sha256:07d85d51bfd8caddf447d7ea8c9b0c30879c03d8c3b9110cb86fc54e63ff0b48_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel8@sha256:ace145ce198785d2b587c4206d915f3c0e0ebe0b051cdd16ccc82cbc74e11352_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-controller-rhel8@sha256:a880b9fd06cd7206e3397025371ba3a3655798be5d64bed620f3847ff6a0b5ac_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-operator-rhel8@sha256:8b7e95c316a28938a37b885d3e5c0503728add4b75066f3953430e5385dcacf5_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-model-registry-rhel8@sha256:14245353d924e3416f1b637ba1fec18a3218d9402965ff0acdfd2497e294f9ae_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-rhel8@sha256:abdb41f0a3c3f60094b48b2b69545968292446e3a609c42fdb51f27b4ef7ae81_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel8@sha256:a291cd5f04c559fd16477ae2ad364a350c4bf0c5a3f5aa2e614260fd4a5bece2_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel8@sha256:ae2514c29fedec9401a594ca3fe5e7ca132d23f2f2a1966b5f6cc7bb8b99d75b_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-notebook-controller-rhel8@sha256:aa551353c01d864361785cded067ec32e5bb3e478964aa540749b6a23f93b4db_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-operator-bundle@sha256:9407349c0fbf8d8be227d61d21e4ca9cc2d640c18ca040dfd94c33f0b1250f29_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-rhel8-operator@sha256:2e62a8a86b30347004012213f9af230d957cbb3f96771aa68490be6a3e22d949_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-training-operator-rhel8@sha256:6617c8beeb481dd39ae877b08361a377bc946fdf97787445bbec5bb3a0a0be1c_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel8@sha256:297d22ca72b764328f7d0b85f7f7c013c91ca85d70f08be45a6689c85da6b311_amd64",
"Red Hat OpenShift AI 2.16:registry.redhat.io/rhoai/odh-trustyai-service-rhel8@sha256:92571ea118c1b28b480cd40c1006e8d057e959cd2fd8e01f300926ccadd46fc7_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
}
]
}
RHSA-2025:22936
Vulnerability from csaf_redhat - Published: 2025-12-09 14:58 - Updated: 2026-05-06 20:54Summary
Red Hat Security Advisory: Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6
Severity
Important
Notes
Topic: Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6
Details: Kiali 1.73.25, for Red Hat OpenShift Service Mesh 2.6, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently
Security Fix(es):
* kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)
* kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)
* kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)
* kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
See Kiali 1.73.25 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x
https://access.redhat.com/errata/RHSA-2025:22936
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.
7.5 (High)
Vendor Fix
See Kiali 1.73.25 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x
https://access.redhat.com/errata/RHSA-2025:22936
Workaround
To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Vendor Fix
See Kiali 1.73.25 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x
https://access.redhat.com/errata/RHSA-2025:22936
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6",
"title": "Topic"
},
{
"category": "general",
"text": "Kiali 1.73.25, for Red Hat OpenShift Service Mesh 2.6, provides observability for the service mesh by offering a visual representation of the mesh topology and metrics, helping users monitor, trace, and manage efficiently\n\nSecurity Fix(es):\n\n* kiali-ossmc-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)\n\n* kiali-rhel9: node-forge ASN.1 Unbounded Recursion (CVE-2025-66031)\n\n* kiali-ossmc-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)\n\n* kiali-rhel9: glob CLI: Command injection via -c/--cmd executes matches with shell:true (CVE-2025-64756)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22936",
"url": "https://access.redhat.com/errata/RHSA-2025:22936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-64756",
"url": "https://access.redhat.com/security/cve/cve-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-66031",
"url": "https://access.redhat.com/security/cve/cve-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2025-12816",
"url": "https://access.redhat.com/security/cve/cve-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22936.json"
}
],
"title": "Red Hat Security Advisory: Kiali 1.73.25 for Red Hat OpenShift Service Mesh 2.6",
"tracking": {
"current_release_date": "2026-05-06T20:54:27+00:00",
"generator": {
"date": "2026-05-06T20:54:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2025:22936",
"initial_release_date": "2025-12-09T14:58:58+00:00",
"revision_history": [
{
"date": "2025-12-09T14:58:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-12T21:35:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-06T20:54:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 2.6",
"product": {
"name": "Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3Aadd09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3Aecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836138"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3A5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3A7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836138"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3Aaccf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3Aab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836138"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256%3A29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256%3Ac34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1.73.25-1764836138"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64 as a component of Red Hat OpenShift Service Mesh 2.6",
"product_id": "Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T14:58:58+00:00",
"details": "See Kiali 1.73.25 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22936"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-11-17T18:01:28.077927+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2415451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "RHBZ#2415451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
"url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
"url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
}
],
"release_date": "2025-11-17T17:29:08.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T14:58:58+00:00",
"details": "See Kiali 1.73.25 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22936"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T14:58:58+00:00",
"details": "See Kiali 1.73.25 documentation at https://docs.redhat.com/en/documentation/openshift_container_platform/4.18/html/service_mesh/service-mesh-2-x",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22936"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:7ac05f2197eeba5533ad6ad6360e817d57de2f6893c260c20a7484945fceda92_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ab2b4a1a2d1e5230e3c092af3827a21c0838702ae227afd786925d1704002afd_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:c34b5d86b07705fd0d610ba37bb54a5612b6aba81f04e661b207a2eb0209bea2_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8@sha256:ecd14b0b642cfcac1030a22e2f57a05ae0fd2d63a1f41c975487f30e34fef5d8_amd64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:29e6ecab0c0f10c17b752d30978dbda4892b3cf471344faa182ac0b86ee76928_s390x",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:5fa584e152eb852c9f9dd2ec07c4857924a87470bb92934cbd48efdb0ca238ba_arm64",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:accf357afa34ff4573ec5a538edfdd37b35f3aeabf786bd6a469f1f457498654_ppc64le",
"Red Hat OpenShift Service Mesh 2.6:registry.redhat.io/openshift-service-mesh/kiali-rhel8@sha256:add09864ea186e10cbf36efa26c5e2be626c6e2a47726379d209e5a6cc5698fe_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
}
]
}
RHSA-2026:2106
Vulnerability from csaf_redhat - Published: 2026-02-05 13:38 - Updated: 2026-05-07 07:29Summary
Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI
Severity
Important
Notes
Topic: Updated images are now available for Red Hat OpenShift AI.
Details: Release of RHOAI 2.25.2 provides these changes:
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user’s Llama Stack instance and potentially view or manipulate sensitive data.
8.1 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Potential mitigations for this issue include:
* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).
* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.
This vulnerability in fontTools varLib allows a crafted .designspace file to trigger arbitrary file writes and XML-based content injection during variable-font generation. Because filenames are not sanitized, an attacker can use path traversal to overwrite files anywhere on the filesystem, and malicious payloads embedded in XML labelname elements can be injected directly into the generated output. When these overwritten files reside in executable or web-served locations, this can enable local remote-code execution or corruption of application or configuration files. The issue affects the varLib CLI and any code that invokes fontTools.varLib.main().
6.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
To mitigate this issue, avoid processing untrusted .designspace files with the fontTools varLib script or any application that invokes fontTools.varLib.main(). Restrict the execution environment of processes handling .designspace files to minimize potential impact from arbitrary file writes. If the fonttools package is not required, consider removing it.
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A path traversal and arbitrary file overwrite vulnerability has been identified in Argo Workflows during the extraction of archived artifacts, where symbolic links inside a crafted archive are not safely validated before file extraction. An attacker could exploit this flaw by submitting a malicious archive containing symbolic links that point outside the intended extraction directory, causing files to be written or overwritten in unintended locations within the workflow pod. Successful exploitation may allow an attacker to overwrite execution control files and achieve arbitrary command execution during pod startup.
8.3 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
No mitigation is currently available that meets Red Hat Product Security’s standards for usability, deployment, applicability, or stability.
A denial of service flaw has been discovered in the Tornado networking library. In Tornado, a single maliciously crafted HTTP request can block the server's event loop for an extended period, caused by the HTTPHeaders.add method. The function accumulates values using string concatenation when the same header name is repeated, causing a Denial of Service (DoS). Due to Python string immutability, each concatenation copies the entire string, resulting in O(n²) time complexity.
5.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A denial of service flaw has been discovered in the Tornado networking library. Affected versions of Tornado us an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The _parseparam function in httputil.py is used to parse specific HTTP header values, such as those in multipart/form-data and repeatedly calls string.count() within a nested loop while processing quoted semicolons. If an attacker sends a request with a large number of maliciously crafted parameters in a Content-Disposition header, the server's CPU usage increases quadratically (O(n²)) during parsing. Due to Tornado's single event loop architecture, a single malicious request can cause the entire server to become unresponsive for an extended period.
5.3 (Medium)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Expr, an expression language and expression evaluation for Go. This vulnerability allows a denial of service (DoS) via recursive traversal over user-provided deeply nested or cyclic data structures without enforcing a maximum recursion depth, leading to a stack overflow panic and application crash.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
To mitigate this issue, applications using the `Expr` library should ensure that evaluation environments do not contain cyclic references. Additionally, externally supplied data structures must be validated or sanitized before being passed to `Expr` for evaluation. As a last-resort defensive measure, expression evaluation can be wrapped with panic recovery to prevent a full process crash.
A flaw was found in KEDA, a Kubernetes-based Event Driven Autoscaling component. This arbitrary file read vulnerability allows an attacker with permissions to create or modify a TriggerAuthentication resource to read any file from the node's filesystem where the KEDA pod resides. This is due to insufficient path validation when handling Service Account Tokens during HashiCorp Vault authentication. Successful exploitation can lead to the exfiltration of sensitive system information, such as secrets or configuration files.
7.7 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A decompression based denial of service flaw has been discovered in the AIOHTTP python library. Library versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Vendor Fix
For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:
https://docs.redhat.com/en/documentation/red_hat_openshift_ai/
https://access.redhat.com/errata/RHSA-2026:2106
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat OpenShift AI.",
"title": "Topic"
},
{
"category": "general",
"text": "Release of RHOAI 2.25.2 provides these changes:",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2106",
"url": "https://access.redhat.com/errata/RHSA-2026:2106"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12805",
"url": "https://access.redhat.com/security/cve/CVE-2025-12805"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66034",
"url": "https://access.redhat.com/security/cve/CVE-2025-66034"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66626",
"url": "https://access.redhat.com/security/cve/CVE-2025-66626"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-67725",
"url": "https://access.redhat.com/security/cve/CVE-2025-67725"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-67726",
"url": "https://access.redhat.com/security/cve/CVE-2025-67726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68156",
"url": "https://access.redhat.com/security/cve/CVE-2025-68156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68476",
"url": "https://access.redhat.com/security/cve/CVE-2025-68476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69223",
"url": "https://access.redhat.com/security/cve/CVE-2025-69223"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"url": "https://docs.redhat.com/en/documentation/red_hat_openshift_ai/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2106.json"
}
],
"title": "Red Hat Security Advisory: RHOAI 2.25.2 - Red Hat OpenShift AI",
"tracking": {
"current_release_date": "2026-05-07T07:29:46+00:00",
"generator": {
"date": "2026-05-07T07:29:46+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:2106",
"initial_release_date": "2026-02-05T13:38:32+00:00",
"revision_history": [
{
"date": "2026-02-05T13:38:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-05T13:38:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:29:46+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift AI 2.25",
"product": {
"name": "Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_ai:2.25::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift AI"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3A5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-nlp-rhel9@sha256%3A11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-tgis-serving-rhel9@sha256%3A81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053804"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel9@sha256%3A6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223637"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3A873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3Aaf3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"product_id": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feast-operator-rhel9@sha256%3Abf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770060524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"product_id": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feature-server-rhel9@sha256%3A915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770061564"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3Aa990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3Ad88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3A5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3A173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3Afb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel9@sha256%3Adeb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224357"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Aa1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-core-rhel9@sha256%3A4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770237759"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-k8s-operator-rhel9@sha256%3Afa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-inference-scheduler-rhel9@sha256%3Ab491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-routing-sidecar-rhel9@sha256%3Ad60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053694"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3A468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224177"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3Ab9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3Abf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3A20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Aed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223798"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3A01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770254750"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel9@sha256%3A47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211368"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3A4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3Aeadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3Abc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel9@sha256%3Af2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel9@sha256%3A4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3A6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053928"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3A6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3Ad87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"product_id": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-openvino-model-server-rhel9@sha256%3Afbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054044"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"product_id": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-operator-bundle@sha256%3A241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770268016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Ac16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3Ad17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3Ac35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256%3A0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053703"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256%3Aa202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053831"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256%3Ae18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053721"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256%3A6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053740"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256%3A3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053864"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3Afb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3A616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-cuda121-torch24-py311-rhel9@sha256%3A3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053627"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-cuda124-torch25-py311-rhel9@sha256%3A67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053626"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3A77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770212592"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-rocm62-torch24-py311-rhel9@sha256%3A2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053822"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"product_id": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-rocm62-torch25-py311-rhel9@sha256%3A96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053784"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3A9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3Aa5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3A90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cuda-rhel9@sha256%3A1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770059269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-gaudi-rhel9@sha256%3Aa2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-rocm-rhel9@sha256%3A7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053785"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256%3A2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055550"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3A62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3Accb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256%3A47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256%3A158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053728"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256%3Afbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053730"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256%3Afec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053829"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256%3Ab19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053864"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256%3Abcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053748"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256%3A85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053723"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256%3Ab14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84?arch=amd64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055425"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3A88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-nlp-rhel9@sha256%3A70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053939"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-caikit-tgis-serving-rhel9@sha256%3A4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053804"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"product_id": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-codeflare-operator-rhel9@sha256%3A66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223637"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3Ac8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3A81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"product_id": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feast-operator-rhel9@sha256%3A14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770060524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"product_id": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-feature-server-rhel9@sha256%3A1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770061564"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3Aa8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3A8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3A280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3A509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kuberay-operator-controller-rhel9@sha256%3A50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224357"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Acd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-core-rhel9@sha256%3Aef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770237759"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llama-stack-k8s-operator-rhel9@sha256%3Ac0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224279"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-inference-scheduler-rhel9@sha256%3Ab6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054097"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"product_id": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-llm-d-routing-sidecar-rhel9@sha256%3A9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053694"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3Abe7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224177"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3A52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3A67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3Ac3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3A91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Af3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223798"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3Aab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770254750"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mm-rest-proxy-rhel9@sha256%3A45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211368"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3Af632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3Ad4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3A189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3Ad4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3Aa977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-runtime-adapter-rhel9@sha256%3Ac05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055278"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-serving-controller-rhel9@sha256%3Aef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211530"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"product_id": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-modelmesh-rhel9@sha256%3Ad0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053928"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3A314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3Aab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Ae6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3A7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3A00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256%3Afa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053740"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3A7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3A521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3A2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770212592"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3Ac0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3A75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cuda-rhel9@sha256%3A78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770059269"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256%3A012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055550"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3Ab15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3A267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256%3A0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256%3A1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770053748"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256%3A992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090?arch=arm64\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055425"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3Aa389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-argoexec-rhel9@sha256%3Af7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256%3A36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224104"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-data-science-pipelines-operator-controller-rhel9@sha256%3A2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-feast-operator-rhel9@sha256%3A81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770060524"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-feature-server-rhel9@sha256%3A0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770061564"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3A7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3A2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3A8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3A584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3A50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Aa7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-api-server-v2-rhel9@sha256%3A80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224177"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-driver-rhel9@sha256%3A91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223791"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-launcher-rhel9@sha256%3Abef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223799"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256%3Aebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-runtime-generic-rhel9@sha256%3Ae15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103375"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256%3Af77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770223798"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-mlmd-grpc-server-rhel9@sha256%3A39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770254750"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3A21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3Ae465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3Aa4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3Aef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3A88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3Ad017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3A67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3A8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-training-operator-rhel9@sha256%3Abcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770212592"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3Ad0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3Ab5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cpu-rhel9@sha256%3Ad2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770116416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256%3Ab1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055550"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3A8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3A7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256%3Adc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055425"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"product_id": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-built-in-detector-rhel9@sha256%3A51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"product_id": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-dashboard-rhel9@sha256%3A8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770209922"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"product_id": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-fms-guardrails-orchestrator-rhel9@sha256%3A20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770230497"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"product_id": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-guardrails-detector-huggingface-runtime-rhel9@sha256%3A960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103233"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kf-notebook-controller-rhel9@sha256%3Ac73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224123"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-agent-rhel9@sha256%3Abdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055852"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-controller-rhel9@sha256%3Af2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055872"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-router-rhel9@sha256%3Abd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055874"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kserve-storage-initializer-rhel9@sha256%3A26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055932"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"product_id": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-kueue-controller-rhel9@sha256%3Ae440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224400"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"product_id": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-mod-arch-model-registry-rhel9@sha256%3Aa17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770210287"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-controller-rhel9@sha256%3A434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056184"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-metadata-collection-rhel9@sha256%3A90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770054675"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-job-async-upload-rhel9@sha256%3A1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103418"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-operator-rhel9@sha256%3A2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770211398"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"product_id": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-model-registry-rhel9@sha256%3A2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770240648"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"product_id": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-must-gather-rhel9@sha256%3A16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056306"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"product_id": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-notebook-controller-rhel9@sha256%3A72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770224116"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"product_id": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-rhel9-operator@sha256%3A16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770266840"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256%3A360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"product_id": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256%3A9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770103255"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-driver-rhel9@sha256%3Aaf384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055751"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"product_id": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-ta-lmes-job-rhel9@sha256%3Aeed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770245096"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-operator-rhel9@sha256%3A4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055796"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-service-rhel9@sha256%3A8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770056349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"product_id": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256%3A5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055923"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"product_id": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-vllm-cpu-rhel9@sha256%3A2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770116416"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256%3A6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"product": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"product_id": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"product_identification_helper": {
"purl": "pkg:oci/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256%3A300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150?arch=s390x\u0026repository_url=registry.redhat.io/rhoai\u0026tag=1770055397"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64 as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le as a component of Red Hat OpenShift AI 2.25",
"product_id": "Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
},
"product_reference": "registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift AI 2.25"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12805",
"cwe": {
"id": "CWE-653",
"name": "Improper Isolation or Compartmentalization"
},
"discovery_date": "2025-11-06T13:38:39.035000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413101"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user\u2019s Llama Stack instance and potentially view or manipulate sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an IMPORTANT flaw in Red Hat OpenShift AI (RHOAI). The `llama-stack-operator` fails to implement a `NetworkPolicy`, enabling unauthorized access to Llama Stack services across different namespaces. This allows users to potentially view or manipulate sensitive data belonging to other users within the same RHOAI instance.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12805"
},
{
"category": "external",
"summary": "RHBZ#2413101",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413101"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12805",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12805"
}
],
"release_date": "2025-12-31T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-05T13:38:32+00:00",
"details": "For Red Hat OpenShift AI 2.25.2 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.redhat.com/en/documentation/red_hat_openshift_ai/",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2106"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "llama-stack-k8s-operator: Llama Stack service exposed across namespaces due to missing NetworkPolicy"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:bf6ebf0abb38d3d5787f6e3ddf6e7ec2fd30d36c7607986cd8067b1099cbf571_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:0ea130b6f98f7addc0128ac96e373dd685556ef1dbc8fa5400683f4b91425940_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:1e921ff8d31f51a8cf001e62f8ec3d4b999260ac0c6eafcc601d09a4ec4bdf3a_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:915cb9d745de85847cb147bc34a8c95453bf54cd5c3747fbaefad66bba32b9d9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:1ac518cbe7ed66f94fa11d48c19e1fc4c4a6972d070ec2e4ce8699c0d33a7c56_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:20c912ccbfe525ee8850e818255cc46549b734b4befda1bc5876f4d46dfa36ae_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:4c5adfffb316f3dd40499fb17c38f761c5b364639cd7cd30a49d7621b4ca4c60_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-fms-guardrails-orchestrator-rhel9@sha256:6b74c03967d50504a813c8c3c5fa48c7cb30cd09c98bb0bac0b6148d63aebcdc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:51866ab99ca80fa1090ae4b10254f4c73362c0136187b8459e290be8392e0a1e_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:77715e48401fe876d99dbfcc4c198afdc5c290b7510960896ba1622ed6ca7f79_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:91b8c0b48fa8e0704b6d16b516e08b0fe39614b9b089e1f15102288bf5d60959_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:960ec175b82072a4c88af0ba47f2a9b2a0b15895cf2571c0bb442caee71bc221_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:3b365965099e17509fffd095610bd58e709feb1cf3e35ad118c5a8aa52ff8f12_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:7293f49b5919ab43d2e8f6ff3a6dea6c88e34fdfaf2570c43ad221a94c03e8ee_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:a990326e7004c46de55e42f5944d0105b6d04da2dd1ce94d342869407bb98807_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kf-notebook-controller-rhel9@sha256:c73e6521aa644290a8848db4a8953192d3a527843560ca80424a1323133aaea2_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:2a9e4f6b7abbb962922ecdb473ff44902a7b6ef811bdbc08c27db2460dde515d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:a8935624aae93ce1ede521508a9148e8ed0d4ada0c8ccd36c3cfcb3971cb2b29_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:bdc7caa4dfa31d3ab73f6dab5f96af60fc47f8175066eb117bc5bfed1eb6413a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-agent-rhel9@sha256:d88abafc4a46463442434b6622577fdb3ba938496a50c7afe3af3fbb0b2b091e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:5b2d40d8d71e583e1bb3f374b724b58ee78a04b8c15e3fc13a249adc3b4c37c0_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8a3021116d34e958681022873a7a249f9331031df1659181a593c9abc48ca697_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:8cfd70b3f0864c54c1bcc0ae9f11337c4570aa2c6ced8140810a997b7a842c93_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-controller-rhel9@sha256:f2c8c8a8198292184c29dc3de0b0d341fca30d42191e5e86caa43eaae46eff7c_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:173c0c8ed96e35def73f92bff784eb332de45924502f04b2d9c7a191581fdbeb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:280c53068de6bd3bad6a5d32dd50f322b8d1f92615097fa15f63188bedfed00d_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:584315e5697664ba0a6814033c7bc179bf400aac665627bf1291b83c527ab5d2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-router-rhel9@sha256:bd4d9178fa38f29972af15da5dc663f9636c033f10b7503616adbfea78f7f1ad_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:26beb55e89fe94805cad1d718d64000a61ccef6510a360d57af7f4300a25ed49_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:50731e11aab49e36bb9e5cf23b88ac8591c22df1f98a11c9e65ff0e47f8ae2f9_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:509b53d9ccd21683c81b4e42770dc0d90e9c05de5f20df7edf1fa0c7591b8ae2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kserve-storage-initializer-rhel9@sha256:fb25360c741915fa13d4b43049d369a7de295a97417e5401382f95701f463935_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:50d35e3e4c759fc9b61934b099d412cf0dee4e491965d4db8c4589ccc68eee49_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kuberay-operator-controller-rhel9@sha256:deb42642848d93134455de3ae6a6f3f9378076ef9c038029cb1f302fb29dda07_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a1b8003cb89c9bf7d51c857b27b53965fa62abb0ce24fb1cda89f34a9d1c2e46_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:a7b50a2e83fb514f43e1887e965e13652396a576785964fe6173babdee638b05_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:cd682edaf2fe812615d6b3d98f6a9b4ff66d57f79169eeb192b0c9c5b05ccba1_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-kueue-controller-rhel9@sha256:e440d95feb1bd619c099d1e5460812287c7072d07d9d1e13fd9cbbbf09aceb82_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4f3e402082fd9064ef612b4306ba1da62f7b142d82b0f184b4b6ad65540927a9_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:ef279e1fd560d020a552e75c43a762c9b8facc78aae067122f9f37af95652af5_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:c0d95dfbae20e87113ffb81026d379bb63ad300447df98b27d1bf9a83b084744_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:fa16b7eff701a70f7548fdcd6cfe1f691c70f61031ffd62b9af12921e21e831e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b491af7175d76a2633083e737142965ffa27ce91547eacaeb56412e4df811872_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-inference-scheduler-rhel9@sha256:b6da3e72cb8a8168fc0379d8af5514fac5ddf991b39486e20a700c60e23704a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:9908cfe2d50b00ee658382256af0a738cb0f719dfb37f5a1cdb5af1ca4500344_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:d60a0e26725789985f6c2b5b0b68cecbe45f27089f5192a6e957caf2f6cdbdb2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:468cd1ec5882a82f2e3d7a0c5634d80bc272908703194e5950e3eebf5b2f6b54_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:80da179d8cc59245c6424ebe7bc4b25fd23bb9c83a71c1d22b3b4ee5d5a7b37a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-api-server-v2-rhel9@sha256:be7d70ba27a9c09b4fb4e6bae222f7e58cb3c813407d5a9dd3219a4a82cb55b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:52f55f3225d0f4d0f7ea2017f5138344cf9f206398546ce8e1598764111935a4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:91add789382d1e87ef73f6df4275e0dea8d24330a785c99c5292832341ad5266_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-driver-rhel9@sha256:b9d03b00198d04bee1f7c5f83f90f556c7eab3a462a926d7170bedc7a22b7520_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:67deadc75f0552f04b3815ba81615edfa7909e03b1505cf74c315db6e5a8ca76_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bef83517710b3137f5004c13870c6af61f4e6c78dc81a7f2cfe2ffa1dd46c524_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-launcher-rhel9@sha256:bf7638364b0afc379e25aa8ad6a6f8cc0d6cfc7fbd597831c9537472f9925d98_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:20647b054e2518ebe50745506932e2af1cc247b5e2876e36142cf25b318980fa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:c3e8c04fad71e76381e05f43d9277f6fd523d9aada895bd0ca20bca48944ff68_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-persistenceagent-v2-rhel9@sha256:ebef4624564bb028554772ffafca61c2d74137d453566b7b1c04ac2e3015bb90_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:91aab4a10d8cc1340044c6297ae1bd0a5744c41164a3d83b3bf455a275f9f5cd_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:93436f429cc5fd089a464f22ed51a00505db398fe90c02565c83a6f72f265f45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-runtime-generic-rhel9@sha256:e15c9c336a37dc83afbb1b0a69a9b5dd50ac515f0cde2560a4d00ed6bba7d244_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:ed02fb5e34ac2c6debd735b55af998d453d1cad29a108e924837bdee9b832a08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f3fbc2fd0ac0b4677fdef170818c25235369103d2123dffb55d3d42bacd76663_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ml-pipelines-scheduledworkflow-v2-rhel9@sha256:f77a24d488369ffa73ac4275f3b600c149279c0cea6304d3d4333d2d49b5baea_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:01433193ce362a8165862b72f9a095184673a77ae802f125ca18c7aa42ac9333_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:39a05ceaeecda6fa31e5bec7eb2613451db74190d9f466344f6694fa9fb02b5c_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mlmd-grpc-server-rhel9@sha256:ab93a3d6489d5f64c6193748091c7c07f75cc25ec0a83abcb0605d4919281640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:45a875b1e295421cfce026f3f02388f0782613fcd4ffa5b3a4f143dc317739b0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mm-rest-proxy-rhel9@sha256:47c2b0fddc529f3eac61fcf4fec9afe61fd63e711994c72b1d84adf8fa46986e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:1c985e860d986a8f7be4fe2afc7176d9a905f187252cdb61206c81cf8389aa45_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:434c592a3457d383532303e4ca608ec7a99a3ae517a00bc3af1d2d80028609fe_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:981a2ea3d88b08e312e521c87dca79497991d7cf66304a279e9ca0a50fec5774_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:d4687faf278546087f07a091d654f5a3723985b28ace8632249a8dd6b81a644f_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:189397a122e85b746a45993fc6e1a4e4f65d748fb92138d2048b88f919a6d5e4_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:4eb742df1df9bb754adac6df9ea0c6150da2548d4e4f8df2841815a4ca3ff0fb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:90ea3f8de580cddc460c62e4777dfddb7ec3ec98d22ee1a2ec39766d3f323af3_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-metadata-collection-rhel9@sha256:e465a23c2107028933200f1d4286f7183a514237dfb678074f61b0c0ce3b673a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:1eaaf44444a5c06551ab4ed08d1f63e58bbaf6f99d72cd5e6045dc0e4f784e14_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:994e2cf04a3fac9c9d3002a1e09cb1d7ddc39ace4083efcdf797ff406dbd2480_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:d4d70a9fd8dcea2315b29ea36c085b6a37bd317fb7df6688993f4e7b62a2a47e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-job-async-upload-rhel9@sha256:eadabd1ca3be57aa8e3e92795d8dcd40985e841dc4e164d0ebc4e272b40bac3e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:2c0f9298efa8fcae81f129122b8cdf2e2391a7042cf4a9b44faf125b1f0e0f73_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:49944a86d30194982f92a0bba70e02682715bc3bd8ae72fcf855b7509f993496_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:4de60e3690b5cd87a4057b7818f888e2bd97ef5b96b99c4c7dd249c1fff7ca38_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:a977560da71f539a5e7076deb6d374afba36121c877f59e85310895f2045d3ee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:2be50d667e5c0f2e06e60e4f62d744aea9116332ae728919b7cf7a246b618664_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:419c6ec3e5fea5d957a8e4cd5510995d2f4a6b0537fe94ea82dfebab975a42a2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:723112cb61845745edf0d9ef5354c4845be6fbe5cb11ab3166c17b207130a943_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-model-registry-rhel9@sha256:bc3041ddf8d7b7b2289cc5e4e1220b600ee0b34a6d3d8a85b8bd3761abea7e0d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:6c53139b9dfc9dca16c31f9fd78cbb338a79311d42a823b344f9bdefb99733e7_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-rhel9@sha256:d0c2eaa242cedd58d0810f5a326b8dc4ce54a38a8579c5fdfda3bd8e30e74e75_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:c05de2381d517323b0ae164f7b3cf23d9f8c641ea47e2cd0a897224429ed5533_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-runtime-adapter-rhel9@sha256:f2f82d2a1a33b36097d7bf16fa53cde6baebfcd170def12f75d3da6fe292a78c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:4fe3535468b5d6b49d08056ccd51284887baf1fc4a1cb7e7291057c2cf85f5f2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:ef5b9e57765b47b45c682075fcd8017f1eff985de28c1baad33617964c006a52_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:16b8ccd7cb2600a2225eee5317bf7250c37f45a7e58a43ffbdaf862e9066f0a0_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:314e3ae61356b86a365bace1060f7cd6013e46ff88dace6bb2b61c281c287827_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:6f96d9a820c7cc7aa4f4b64a6b2910fd37949c9c941620ad274ee015d8276613_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-must-gather-rhel9@sha256:a4e9cfc29cf740ac5914cca780fa2384646990c043048fa55151ff4f5df00fa2_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:72278a1be67fa3887019782dbbcbfe9399dbb3eb6a02ee1d55010fd7bad464f5_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:8aa7ebdea91590ecfab30e333dc62577a8e873fe014f21628fee904c040da3c6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:ab51ed9b5aea2919f8a62c0d99c6e3f7defe69056290b3062a636f4a1a8aecc2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:d87a20577e08cbc139f48ab3154cc94b15597c67ff1351899fa4ca59d04bff58_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-openvino-model-server-rhel9@sha256:fbfd2e7078a290dc240310e34bdf65eaf4b4fec5f6d5440e400b5481960ef448_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-operator-bundle@sha256:241f14acf737b23def38e8ad03707c575ddb20772a20995ee90b55b74c6e5557_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:16d6fcea2a0d24da26ee5e784d20a5d2af9db6e99e804bf2c6b8c2d88fd41485_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:c16728de5b7bf18f51d480dec3a6b398c738c6bc6e144cb42d3c89bc6ecb9df2_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:e6399638e0138333e4493d200bde94039c097773b677a1d0e4d07e81cee9ef00_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-rhel9-operator@sha256:ef1dbf4b3d733bca3f599ef8a3a5173650ef26dd1f422e464d637b41dadb1f1d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:67fce9de4e734d3e32c1cbdc60831ad54fe10d9265333535590d7b154281ead8_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:7a8408dd838cc49f46ddbab416ded7f0e17cdf70fd53c4989aced80735401e23_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:af384a9f034c11f7bb2a4acdf3bcd6087282c1a18b6817a82abed5b8638c6951_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-driver-rhel9@sha256:fb238efd1812752a8ce8b47a9418f71c434d2560e0b06ad2cd8437d64a98498f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:521682a029cda192fdd8ebde9245c7eba540c8f97bca2cbb3e84189a9897572e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:616eb0426a428db355c82ef6763290c4e493be44b0b4c5411a55f57e9d0f13aa_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:8dd600e003d1b6395f1406fc31c17f7204ec6cce0e067dac8c2f3cbed4534c49_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-ta-lmes-job-rhel9@sha256:eed2ac205ef82e2534e721cb23e9e4c2e7ceb41dcd3bf98267c2cf987112db19_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda121-torch24-py311-rhel9@sha256:3a8dd739be30f5d682f3a05e4f34644039458dcb630d172548b2bb4b15877ecb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-cuda124-torch25-py311-rhel9@sha256:67731cbfb492941b8711b0c602726070859222026006a43e6c2277355e7a27da_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:2980f5cddc9a58ad489e9e2beca20f1d8c8a75f814be7ce673db003f0e6de579_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:77a27c980f9882272734739b5f6a8635e1acd303a4ca69a5635add956a4fe89f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-operator-rhel9@sha256:bcebd560c77cf1a02e70a26fda256d1af078d7aafe57fed52c96b699f7381876_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch24-py311-rhel9@sha256:2c412361f470d93c05cb1bf0f38380b31cac8f48b21983c9709b9f6edd0ad5e1_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-training-rocm62-torch25-py311-rhel9@sha256:96cfb8aa1789dac69f6f6e91d66073f2757a04329c5b9ff4be6d506f370f5d5d_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:4c61c28b243a1e6d0f765fd37281f5e7abbb85fd2f09b5a1963aedf3b359fb9a_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:9b24fa0cbf418b4531a5c57eb302a4235bcc15008727a857b63b8a9a54315e08_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:c0558782a9ce1fcd3530aaa0e83f330f15c7e76f5543876fe72c420bfe970d59_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:d0549a90f03c87bb0d2e811123b56f71caee1df38ea8016a6338cba3b0a060c5_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:74f401ef1af1ee81c4f09de1c2874e9b1a9667c847e01a09b224f6e6628f3860_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:7ab2029ebe7ade1697ad33ab5ec7552eff355cb09d2fcbcc0fee938c39c5eb98_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:8ee4bfb7fbb1e28c1678f2471c1eec5451f4833a4c6c7c791a08c4872c330137_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-service-rhel9@sha256:a5f954cd1f5e59220266e5aad4446d5cc923253606b2c3a4ce303d74a6885604_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:5957a6eee180b64492d9203571a0466c0da23cd275f1778927dd94a54f27b93b_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:75a6fdf619836b3da7198a2d6588cf8d8f895b8db7507318370c316d37616df8_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:90c886f732e038e7c7394d490dbb0d5e69433cdb2b020bea26d26e02fb1ea30e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-trustyai-vllm-orchestrator-gateway-rhel9@sha256:b5fe5f528b0a9c8fb45beba3a4b4fccdf132285febc41291fdc5f9d648098b60_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:2e62aca12b975fa68c15bf7a4f7cde9c45f4843e2b464646832cda8e1787e952_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cpu-rhel9@sha256:d2ce36d1f2d19fef64320af65a24fe313432ccd8f0fbf205f981fdba5a4e6bc3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:1e8b4f9fdc32213a45824c441171218fd4814ff5ea718b31fc0f74d9322f1a3f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-cuda-rhel9@sha256:78ccc2cef82e18943e3d9f3433597a77c3430814ab9f042c5b2a9e907049f8de_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-gaudi-rhel9@sha256:a2d2b3da2877d3857b6e4dd3685ae12631b847fb4daf7a56234a4655e45cde0f_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-vllm-rocm-rhel9@sha256:7cf5a595faf09636baa94db52be028d4d4d1e2be0fc4748d276719387b2de3b4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:24f8d43160dc19c70e41cbbba12f688e1ac84a21077bf932aae7fea2ec24afb5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:7c4110fe722576a3e8f65c4e6ae155be27e805b43e8ac8ca7ef82f3990a99874_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:8adc9de681e4d883ee9eac8b0fdcd2f2b1a22cb92ce90f8a63d46e30a7e5f61e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-dashboard-rhel9@sha256:91389e1c6b30eebfc2f4a5c48bb2d499942b33d89a5419fc1903c180f0087cee_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:21dbe80b1a0ba0f54219f6349737e9647f2f07e4d8c293b8841853ba184cf978_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:41443496092034e0591f625f6bb25fc2da592bc316878426aa286d6b9d8a5f20_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:a17ebde45f294859d21882537c89af095a5893716f965f4866ac2acb307bc4a8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:f632916f22e58f24a4e7a731f62921f13f4c1d0e946f7ac983acbfe671e390b7_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:360b97cfa5cc929c7fd33172eb80f7f71c298335c4271030fa124cc33a6cb1d8_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:7a354b91b17b33b26c57c3b8a90747c31569bb7c40ce473534a5ba5f173d7322_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:88fbe21741f4052b4fb118c652e5f39ae28937e8b60fad930945be8ac3351eec_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-datascience-cpu-py312-rhel9@sha256:d17199ec02f3f62ed061a5d51d8a9f7497dcade091a7b3c01ad14a781f6e97df_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:00390c9d7dc34d84a819429e0b881e5fae11a659f2dde48689e102c8eddb3fe2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:9414a3f5c38ef2fe7ed73f70bb2cf7c3f271ea75c941bce2561e74b81251c153_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:c35c95fa0511503853770594040357cba04649739f4a61f862f6ac4de8b636eb_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-minimal-cpu-py312-rhel9@sha256:d017ace8b157f711e269dd0a1f073235eaa9f4c58a7ff8fc974ae3d05efb80a6_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-cuda-py312-rhel9@sha256:0780f52efa6c68ea2fb6371edfbd8b703157c38911803985bb1a676c84e073b5_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-llmcompressor-cuda-py312-rhel9@sha256:a202c9ec6be34c4be1793e4f9f348077f345c450e0fcd04071d5092f266df9b4_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-pytorch-rocm-py312-rhel9@sha256:e18d2d006c8cd4e3d3816540e154f421e7550a96f73901a799c15a5b4fe576db_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:6e8f2fc28114e00d6f46450f111916b5b4efbdc1cee78596d36cd24baaea0c1c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:fa2b62d5001452ad077383bc63124f021bbef766fb104203a9a05bba87332d8e_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-rocm-py312-rhel9@sha256:3bdeae6f78230e1d966cf7a3f35ea821c808f40cc4c2abb7af9b1748f5611826_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:012089e186f66a139d3dbab861f2c88e18c7953b81381872fb5ccf78465ab641_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:2b6b580b98ece481ae56d3106d1f555502482e158747dbfa696f5b8b01e69732_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-codeserver-datascience-cpu-py312-rhel9@sha256:b1ae091d2676b195a4fe49130d26d28bb1ecd6b346533ebfafd04e438d9787a3_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:6061305164604c2715095f95b8a5ffad2acebb8e7e9db1483c7f9305626f396e_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:62a04dfef095c14dcf8ae37af42f49ad410d0525eb47c509d53c0469cdf09b8c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:8f3cfa79c68587c251805f01acc84a6a24bc08505a7548a9b3aebc8f58ed8a25_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-datascience-cpu-py312-rhel9@sha256:b15df9b9947b193cf648102945059587d5f56353b3a2f97e148ec30c34ec3953_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:267b5f0d8edc1ffa3cb8f069fd83483712c17de02d0d8568cd9bda0b2389ebf0_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:300d59e66dee9bfc24d53cc14428c1fd95ea714e34a1b75b1317bd5a7f182150_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:7ea4b2d6a2da83adf6680f65621575c4cae8ac246d52c6a59c1bebc6d7c73295_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cpu-py312-rhel9@sha256:ccb50d7b1baa491283897be4f3c2a4bf9d8e3d2e7aa6fb3b18874abe9d43ea44_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:0a10e0df52a41f7ca9053f3292befde92ab9e1c2965bc3a2bdbe51eaeb5b8e48_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-cuda-py312-rhel9@sha256:47ebda63b857cae1475cb195d372db7a7a4ee729d286e1da386bdf5972d81482_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-minimal-rocm-py312-rhel9@sha256:158c783d59cdbdb9028c4dd760632edd7295330b5dcebbe0017bff4089635c3a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-cuda-py312-rhel9@sha256:fbe346eafcfbb867f595cbad5ea0190fabbabc61ad80a4be2265e0e2b0149f68_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-llmcompressor-cuda-py312-rhel9@sha256:fec8bf2d539fd00df8854a723bae98b7e173c43153c3132ba459bc0e9a86ae35_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-pytorch-rocm-py312-rhel9@sha256:b19482e4008ac03a39b432fb3056bb1ab372ef1617df5bbfe784bc2910b6827a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:1213d9e9a56ec3fddb887082d95c2ac168876eee8592aba265aeadd7ffad3898_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-cuda-py312-rhel9@sha256:bcb20d34a700e232c713123cc3b55ab538261d4f185f5ec532ba8c432a91676c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-tensorflow-rocm-py312-rhel9@sha256:85abac79e8d09b61a9fffb0b5d3fd2a3f9da65bad9573a72cecb878a81357dcf_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:992d644dbe23533126eee70cf983e9afdf31efa558b7a435cc08ad3e14923090_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:b14e6b2a5f4b66dacfcd6c336e2a9e057b1d3ce7de902f0090d9a150a8292a84_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-workbench-jupyter-trustyai-cpu-py312-rhel9@sha256:dc4a277cebbdc373534b73a432085d3a4b502e3c189fe75da8f0441ff9d3ce2c_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:51403d59dbd78a41d75e7545b1e4aabd8d1bc0b2ccaafe529c4f48e1963a2035_s390x",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:5ad2b6d2f8d4904a0191fa5ccc18411a786e6579d188489fa12faf9fc068cc9c_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:88949919f0aabc891dad1fd98ab58df3a08790765295741a8645f3b5d8a285db_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-built-in-detector-rhel9@sha256:a389155782f92006e5bba65e46a895f7cf452686543a14b7b1fa52406f9058cd_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:11e5cb6b52e2184b332d632d8d7ad2c6976a034f270274d37b28ce712bd2cc36_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-nlp-rhel9@sha256:70a961b976ef12b9986a68034d127cb9ba998ff75b64e877f9ee3a10f06f0106_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:4c34b2d480f5ebd149fc4a0d1d6091a408cc7f1b258445805a1e4cbef3d7d0d2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-caikit-tgis-serving-rhel9@sha256:81157ed2f613acec8425198f643fc55071792deffce6d9aee3542c8ea07c4d1a_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:6331e14388d919390d1af6585eeff151b65ad4c9860745134def57dba26bb97e_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:66615f22e0deca10743431636bad74e3ed4fb112dee8d0c3c8f27a380e38ae70_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:873dbf82b3b38ae1518019c143e403bed9dc1ecac199f850edff82b2b0f95231_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:c8fba2ae05c577c06c90364b6d94d92d5470c3150f07c001bbdfed40707220e2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:f7933e6dc10f8169ae87369a3ff62bee34d43d8d1c838f7ae833d0908d54a45d_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:36e001b965f7eebd64b872def5c57231de0819469d7a26ea86df744f28c2785a_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:81ce7ecaafd32d352a24ac27dafd6afba1f124f734df7c4fa1864b757759a6bc_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel9@sha256:af3fa2677f47b424b7e8712505ef30e7ead5c445c77bc32360c4ff5c2ea24b93_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:2295017f41d6d273157b8f094074690f49521d3e0680580e26e37a9ab545d6fc_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:3eb5049152b666d5cf4bce10957e8ac31bc0a2e74a846d56f9fa15196108f1c2_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-data-science-pipelines-operator-controller-rhel9@sha256:4e4dc115dcb1061785653fcecbd2e81ff6089b62cf9ee0fda10eb87466047e39_amd64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:14fde57a474874674cfafad3a508ac5645cd50c12c2a267d0235944a77803640_arm64",
"Red Hat OpenShift AI 2.25:registry.redhat.io/rhoai/odh-feast-operator-rhel9@sha256:81c034b0d7ca5042b273697e7ff6a58c913cc1f9b514df46d44774b6346883a1_ppc64le",
"Red Hat OpenShift AI 2.25:registry.redhat.i