Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-61729 (GCVE-0-2025-61729)
Vulnerability from cvelistv5 – Published: 2025-12-02 18:54 – Updated: 2025-12-03 19:37
VLAI?
EPSS
Title
Excessive resource consumption when printing error string for host certificate validation in crypto/x509
Summary
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
Severity ?
7.5 (High)
CWE
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Go standard library | crypto/x509 |
Affected:
0 , < 1.24.11
(semver)
Affected: 1.25.0 , < 1.25.5 (semver) |
Credits
Philippe Antoine (Catena cyber)
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-61729",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-02T21:52:36.341575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-02T21:52:58.224Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "crypto/x509",
"product": "crypto/x509",
"programRoutines": [
{
"name": "Certificate.VerifyHostname"
},
{
"name": "Certificate.Verify"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.24.11",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.25.5",
"status": "affected",
"version": "1.25.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Philippe Antoine (Catena cyber)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-03T19:37:14.903Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/725920"
},
{
"url": "https://go.dev/issue/76445"
},
{
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"title": "Excessive resource consumption when printing error string for host certificate validation in crypto/x509"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-61729",
"datePublished": "2025-12-02T18:54:10.166Z",
"dateReserved": "2025-09-30T15:05:03.605Z",
"dateUpdated": "2025-12-03T19:37:14.903Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-61729",
"date": "2026-05-07",
"epss": "0.00012",
"percentile": "0.01538"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-61729\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2025-12-02T19:15:51.447\",\"lastModified\":\"2025-12-19T18:25:28.283\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.24.11\",\"matchCriteriaId\":\"F2E6FD2A-A487-4099-B91D-2429F286AC6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.25.0\",\"versionEndExcluding\":\"1.25.5\",\"matchCriteriaId\":\"39C03A37-B94B-46E4-B1C2-A70A870F8E53\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/725920\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/76445\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2025-4155\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-61729\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-02T21:52:36.341575Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-02T21:52:53.822Z\"}}], \"cna\": {\"title\": \"Excessive resource consumption when printing error string for host certificate validation in crypto/x509\", \"credits\": [{\"lang\": \"en\", \"value\": \"Philippe Antoine (Catena cyber)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"crypto/x509\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.24.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.25.0\", \"lessThan\": \"1.25.5\", \"versionType\": \"semver\"}], \"packageName\": \"crypto/x509\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Certificate.VerifyHostname\"}, {\"name\": \"Certificate.Verify\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/725920\"}, {\"url\": \"https://go.dev/issue/76445\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/8FJoBkPddm4\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2025-4155\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2025-12-03T19:37:14.903Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-61729\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-03T19:37:14.903Z\", \"dateReserved\": \"2025-09-30T15:05:03.605Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2025-12-02T18:54:10.166Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
cleanstart-2026-fu04414
Vulnerability from cleanstart
Published
2026-04-30 00:38
Modified
2026-04-29 09:22
Summary
Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default
Details
Multiple security vulnerabilities affect the tekton-pipelines-fips package. Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tekton-pipelines-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the tekton-pipelines-fips package. Docker CLI for Windows searches for plugin binaries in C:\\\\ProgramData\\\\Docker\\\\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FU04414",
"modified": "2026-04-29T09:22:25Z",
"published": "2026-04-30T00:38:58.272669Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FU04414.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh2q-q3fh-2475"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Docker CLI for Windows searches for plugin binaries in C:\\\\ProgramData\\\\Docker\\\\cli-plugins, a directory that does not exist by default",
"upstream": [
"CVE-2025-15558",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-33186",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-78h2-9frx-2jm8",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-mh2q-q3fh-2475",
"ghsa-p436-gjf2-799p",
"ghsa-p77j-4mvh-x3m3",
"ghsa-w8rr-5gcm-pp58"
]
}
cleanstart-2026-gn47077
Vulnerability from cleanstart
Published
2026-01-30 14:48
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the rabbitmq-messaging-topology-operator package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "rabbitmq-messaging-topology-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.15.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the rabbitmq-messaging-topology-operator package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GN47077",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:48:53.159123Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GN47077"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P943-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GW88-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-V778-237X-GJRC"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6V2P-P943-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-QXP5-GW88-XV66",
"GHSA-V778-237X-GJRC",
"GHSA-VVGC-356P-C3XW"
]
}
cleanstart-2026-fz95989
Vulnerability from cleanstart
Published
2026-01-30 14:40
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the velero-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FZ95989",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:40:52.734894Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FZ95989"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-pc16040
Vulnerability from cleanstart
Published
2026-01-30 15:37
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the harbor-registry-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-registry-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-registry-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PC16040",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:37:23.991168Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PC16040"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-29923",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-qk01721
Vulnerability from cleanstart
Published
2026-01-30 15:32
Modified
2026-01-29 18:58
Summary
go-redis is the official Redis client library for the Go programming language
Details
Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-registry-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-QK01721",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:32:54.211133Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-QK01721"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-redis is the official Redis client library for the Go programming language",
"upstream": [
"CVE-2025-29923",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-dv06422
Vulnerability from cleanstart
Published
2026-01-30 15:40
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "consul-k8s-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.6-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DV06422",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:40:54.415037Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DV06422"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-W4QC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-22871",
"CVE-2025-47903",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-W4QC-356P-C3XW"
]
}
cleanstart-2026-xo66167
Vulnerability from cleanstart
Published
2026-01-30 14:49
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.87.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XO66167",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:49:52.662006Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XO66167.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-do09088
Vulnerability from cleanstart
Published
2026-04-01 09:47
Modified
2026-03-17 07:41
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-72hv-8253-57qq applied in versions: 479-r0
Details
Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "trino"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "479-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the trino package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DO09088",
"modified": "2026-03-17T07:41:03Z",
"published": "2026-04-01T09:47:03.615107Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DO09088.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-67721"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1225"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1605"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-67721, CVE-2025-68119, CVE-2025-68121, CVE-2026-1225, CVE-2026-1605, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-72hv-8253-57qq applied in versions: 479-r0",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-67721",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-1225",
"CVE-2026-1605",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-72hv-8253-57qq"
]
}
cleanstart-2026-pv98664
Vulnerability from cleanstart
Published
2026-04-01 09:23
Modified
2026-03-25 04:34
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-m6hq-p25p-ffr2, ghsa-p77j-4mvh-x3m3, ghsa-pwhc-rpq9-4c8w applied in versions: 0.6.4-r5, 0.6.4-r6, 0.7.0-r4
Details
Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-client-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PV98664",
"modified": "2026-03-25T04:34:22Z",
"published": "2026-04-01T09:23:47.321714Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PV98664.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m6hq-p25p-ffr2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pwhc-rpq9-4c8w"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-m6hq-p25p-ffr2, ghsa-p77j-4mvh-x3m3, ghsa-pwhc-rpq9-4c8w applied in versions: 0.6.4-r5, 0.6.4-r6, 0.7.0-r4",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-m6hq-p25p-ffr2",
"ghsa-p77j-4mvh-x3m3",
"ghsa-pwhc-rpq9-4c8w"
]
}
cleanstart-2026-hy43775
Vulnerability from cleanstart
Published
2026-01-30 14:46
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the vault-k8s package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "vault-k8s"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the vault-k8s package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HY43775",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:46:52.607713Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HY43775"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-gv85693
Vulnerability from cleanstart
Published
2026-02-13 00:40
Modified
2026-02-12 13:07
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GV85693",
"modified": "2026-02-12T13:07:54Z",
"published": "2026-02-13T00:40:14.240914Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GV85693"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-kc83705
Vulnerability from cleanstart
Published
2026-04-15 00:53
Modified
2026-04-14 09:04
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the tempo package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tempo"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.9.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the tempo package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KC83705",
"modified": "2026-04-14T09:04:57Z",
"published": "2026-04-15T00:53:10.163760Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KC83705.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-11065"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-28377"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cfpf-hrx2-8rv6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-11065"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28377"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32287"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-11065",
"CVE-2025-22868",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-24051",
"CVE-2026-28377",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32287",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"ghsa-2464-8j7c-4cjm",
"ghsa-78h2-9frx-2jm8",
"ghsa-cfpf-hrx2-8rv6",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-fv92-fjc5-jj9h",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-p77j-4mvh-x3m3"
]
}
cleanstart-2026-bq46815
Vulnerability from cleanstart
Published
2026-01-30 15:43
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "consul-k8s-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.8-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BQ46815",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:43:24.142238Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BQ46815"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-W4QC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-22871",
"CVE-2025-47903",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-W4QC-356P-C3XW"
]
}
cleanstart-2026-kv78041
Vulnerability from cleanstart
Published
2026-01-30 14:56
Modified
2026-01-29 18:58
Summary
processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input
Details
Multiple security vulnerabilities affect the step-issuer-fips package. The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step-issuer-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.11-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step-issuer-fips package. The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KV78041",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:56:23.125184Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KV78041"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-44005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-66406"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-44005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66406"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input",
"upstream": [
"CVE-2025-44005",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-62820",
"CVE-2025-66406"
]
}
cleanstart-2026-ck35256
Vulnerability from cleanstart
Published
2026-01-30 17:21
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CK35256",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:21:56.458213Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CK35256"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-JC7W-C686-C4V9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-WJRX-6529-HCJ3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-6V2P-P543-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-HCG3-Q754-CR77",
"GHSA-JC7W-C686-C4V9",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW",
"GHSA-WJRX-6529-HCJ3"
]
}
cleanstart-2026-hl71566
Vulnerability from cleanstart
Published
2026-01-30 16:50
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the docker-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "docker-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "28.4.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the docker-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HL71566",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:50:56.129322Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HL71566"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-13509"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2019-14271"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-13401"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-21285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-41089"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2023-26054"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23650"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23651"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23652"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-23653"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-24557"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-41110"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-13509"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14271"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-13401"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-41089"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-26054"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23650"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23651"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23652"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23653"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24557"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-41110"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2019-13509",
"CVE-2019-14271",
"CVE-2020-13401",
"CVE-2021-21285",
"CVE-2021-41089",
"CVE-2022-29526",
"CVE-2023-26054",
"CVE-2024-23650",
"CVE-2024-23651",
"CVE-2024-23652",
"CVE-2024-23653",
"CVE-2024-24557",
"CVE-2024-41110",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-tl71584
Vulnerability from cleanstart
Published
2026-01-30 15:23
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.17-4-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TL71584",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:23:53.438748Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TL71584.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-265r-hfxg-fhmg"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-m6hq-p25p-ffr2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-pwhc-rpq9-4c8w"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-265r-hfxg-fhmg",
"GHSA-6v2p-p543-phr9",
"GHSA-m6hq-p25p-ffr2",
"GHSA-pwhc-rpq9-4c8w"
]
}
cleanstart-2026-fp29743
Vulnerability from cleanstart
Published
2026-01-30 16:37
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "elastic-beats-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FP29743",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:37:25.443687Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FP29743"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-32FW-GQ77-F2F2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-47913",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-32FW-GQ77-F2F2",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-rj88561
Vulnerability from cleanstart
Published
2026-01-30 15:03
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.14.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RJ88561",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:03:53.732429Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RJ88561.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6v2p-p543-phr9",
"GHSA-hcg3-q754-cr77",
"GHSA-qxp5-gwg8-xv66",
"GHSA-vvgc-356p-c3xw"
]
}
cleanstart-2026-ck72347
Vulnerability from cleanstart
Published
2026-01-30 15:07
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio-pilot-discovery-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.27.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CK72347",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:07:23.436298Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CK72347"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-gv62494
Vulnerability from cleanstart
Published
2026-01-30 14:41
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the velero package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.17.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GV62494",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:41:53.003431Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GV62494"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-46394"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58251"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-CGRX-MC8F-2PRM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-PWHC-RPQ9-4C8W"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46394"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58251"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-46394",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58251",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-CGRX-MC8F-2PRM",
"GHSA-PWHC-RPQ9-4C8W"
]
}
cleanstart-2026-bl06950
Vulnerability from cleanstart
Published
2026-01-30 15:08
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio-pilot-discovery-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.26.7-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BL06950",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:08:23.121647Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BL06950"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2025-jl63399
Vulnerability from cleanstart
Published
2026-01-16 12:00
Modified
2025-12-06 13:34
Summary
Security fixes for CVE-2025-61729 applied in versions: 0.20.2-r1
Details
Security vulnerability affects the trust-manager package. This issue is resolved in later releases. See references for CVE details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "trust-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Security vulnerability affects the trust-manager package. This issue is resolved in later releases. See references for CVE details.",
"id": "CLEANSTART-2025-JL63399",
"modified": "2025-12-06T13:34:11Z",
"published": "2026-01-16T12:00:43.312220Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2025/CLEANSTART-2025-JL63399.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729 applied in versions: 0.20.2-r1",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-ct39828
Vulnerability from cleanstart
Published
2026-01-30 15:31
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "chartmuseum-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.14.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CT39828",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:31:23.928259Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CT39828"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2C4M-59X9-FR2G"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-3VP4-M3RF-835H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-4HFP-H4CW-HJ8P"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-53C4-HHMH-VW5Q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-557J-XG8C-Q2MM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-5XQW-8HWV-WG92"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-67FX-WX78-JX33"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6RX9-889Q-VV2R"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-7HFP-QFW3-5JXH"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-9H84-QMV7-982P"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F9F8-9PMF-XV68"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-PWCW-6F5G-GXF8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-R53H-JV2G-VPX6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-V53G-5GJP-272R"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2C4M-59X9-FR2G",
"GHSA-3VP4-M3RF-835H",
"GHSA-4HFP-H4CW-HJ8P",
"GHSA-53C4-HHMH-VW5Q",
"GHSA-557J-XG8C-Q2MM",
"GHSA-5XQW-8HWV-WG92",
"GHSA-67FX-WX78-JX33",
"GHSA-6RX9-889Q-VV2R",
"GHSA-7HFP-QFW3-5JXH",
"GHSA-9H84-QMV7-982P",
"GHSA-F9F8-9PMF-XV68",
"GHSA-MH63-6H87-95CP",
"GHSA-PWCW-6F5G-GXF8",
"GHSA-R53H-JV2G-VPX6",
"GHSA-V53G-5GJP-272R"
]
}
cleanstart-2026-by85815
Vulnerability from cleanstart
Published
2026-03-03 00:39
Modified
2026-03-02 17:13
Summary
OpenTelemetry-Go is the Go implementation of OpenTelemetry
Details
Multiple security vulnerabilities affect the argo-workflows package. OpenTelemetry-Go is the Go implementation of OpenTelemetry. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. OpenTelemetry-Go is the Go implementation of OpenTelemetry. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BY85815",
"modified": "2026-03-02T17:13:50Z",
"published": "2026-03-03T00:39:03.275022Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BY85815"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-37CX-329C-33X3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FW7P-63QQ-7HPR"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "OpenTelemetry-Go is the Go implementation of OpenTelemetry",
"upstream": [
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-25934",
"CVE-2026-26958",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-37CX-329C-33X3",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-FW7P-63QQ-7HPR"
]
}
cleanstart-2026-ch38544
Vulnerability from cleanstart
Published
2026-01-30 16:19
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.10-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CH38544",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:19:55.527550Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CH38544"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-bv91860
Vulnerability from cleanstart
Published
2026-01-30 15:42
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the cloudnative-pg package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.27.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the cloudnative-pg package. Within HostnameError.",
"id": "CLEANSTART-2026-BV91860",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:42:23.881650Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BV91860"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-jx46109
Vulnerability from cleanstart
Published
2026-01-30 17:25
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JX46109",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:25:26.548568Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JX46109"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-JC7W-C686-C4V9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-WJRX-6529-HCJ3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-6V2P-P543-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-HCG3-Q754-CR77",
"GHSA-JC7W-C686-C4V9",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW",
"GHSA-WJRX-6529-HCJ3"
]
}
cleanstart-2025-ob44035
Vulnerability from cleanstart
Published
2026-01-16 11:28
Modified
2025-12-13 08:34
Summary
Security fixes for CVE-2025-61729, GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2
Details
Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual CVE and GHSA details.
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.2-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual CVE and GHSA details.",
"id": "CLEANSTART-2025-OB44035",
"modified": "2025-12-13T08:34:16Z",
"published": "2026-01-16T11:28:43.176297Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2025/CLEANSTART-2025-OB44035.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729, GHSA-f6x5-jh6r-wrfv, GHSA-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2",
"upstream": [
"CVE-2025-61729",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-mq21261
Vulnerability from cleanstart
Published
2026-04-01 09:43
Modified
2026-03-19 07:05
Summary
Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142 applied in versions: 1.5.1-r0, 1.5.1-r1, 1.5.1-r2, 1.5.1-r3
Details
Multiple security vulnerabilities affect the vertical-pod-autoscaler package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "vertical-pod-autoscaler"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5.1-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the vertical-pod-autoscaler package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MQ21261",
"modified": "2026-03-19T07:05:59Z",
"published": "2026-04-01T09:43:56.426341Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MQ21261.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142 applied in versions: 1.5.1-r0, 1.5.1-r1, 1.5.1-r2, 1.5.1-r3",
"upstream": [
"CVE-2025-47911",
"CVE-2025-58190",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27141",
"CVE-2026-27142"
]
}
cleanstart-2026-gy48351
Vulnerability from cleanstart
Published
2026-04-30 00:53
Modified
2026-04-29 09:10
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GY48351",
"modified": "2026-04-29T09:10:13Z",
"published": "2026-04-30T00:53:26.601522Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GY48351.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2020-8912",
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-78h2-9frx-2jm8",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-w8rr-5gcm-pp58",
"ghsa-wjrx-6529-hcj3",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-ts42581
Vulnerability from cleanstart
Published
2026-01-30 15:29
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "chartmuseum-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.15.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TS42581",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:29:23.600518Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TS42581.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2c4m-59x9-fr2g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-3vp4-m3rf-835h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-4hfp-h4cw-hj8p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-53c4-hhmh-vw5q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-557j-xg8c-q2mm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-5xqw-8hwv-wg92"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-67fx-wx78-jx33"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f9f8-9pmf-xv68"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-r53h-jv2g-vpx6"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-v53g-5gjp-272r"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2c4m-59x9-fr2g",
"GHSA-3vp4-m3rf-835h",
"GHSA-4hfp-h4cw-hj8p",
"GHSA-53c4-hhmh-vw5q",
"GHSA-557j-xg8c-q2mm",
"GHSA-5xqw-8hwv-wg92",
"GHSA-67fx-wx78-jx33",
"GHSA-f9f8-9pmf-xv68",
"GHSA-mh63-6h87-95cp",
"GHSA-r53h-jv2g-vpx6",
"GHSA-v53g-5gjp-272r"
]
}
cleanstart-2026-xo49545
Vulnerability from cleanstart
Published
2026-01-30 16:21
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the spire-server-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "spire-server-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.14.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the spire-server-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XO49545",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:21:25.500719Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XO49545.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-4qg8-fj49-pxjh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-whqx-f9j3-ch6m"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-4qg8-fj49-pxjh",
"GHSA-whqx-f9j3-ch6m"
]
}
cleanstart-2026-mf93723
Vulnerability from cleanstart
Published
2026-01-30 16:03
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MF93723",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:03:24.521286Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MF93723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-FV92-FJC5-JJ9H"
]
}
cleanstart-2026-ac01087
Vulnerability from cleanstart
Published
2026-04-10 01:03
Modified
2026-04-09 09:55
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "gitness"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AC01087",
"modified": "2026-04-09T09:55:12Z",
"published": "2026-04-10T01:03:59.042951Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AC01087.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35172"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4vq8-7jfc-9cvp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrw8-fxc6-2r93"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35172"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-22868",
"CVE-2025-30153",
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33540",
"CVE-2026-33810",
"CVE-2026-35172",
"ghsa-4vq8-7jfc-9cvp",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-vrw8-fxc6-2r93"
]
}
cleanstart-2026-lr19699
Vulnerability from cleanstart
Published
2026-02-18 00:37
Modified
2026-02-17 14:16
Summary
Within HostnameError
Details
Security vulnerability affects the kube-vip package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-vip"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the kube-vip package. Within HostnameError.",
"id": "CLEANSTART-2026-LR19699",
"modified": "2026-02-17T14:16:07Z",
"published": "2026-02-18T00:37:41.636616Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LR19699"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-qi35149
Vulnerability from cleanstart
Published
2026-02-13 00:39
Modified
2026-02-12 13:07
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-QI35149",
"modified": "2026-02-12T13:07:54Z",
"published": "2026-02-13T00:39:44.259950Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-QI35149"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-cz07385
Vulnerability from cleanstart
Published
2026-04-30 00:39
Modified
2026-04-29 09:21
Summary
Docker CLI for Windows searches for plugin binaries in C:\\ProgramData\\Docker\\cli-plugins, a directory that does not exist by default
Details
Multiple security vulnerabilities affect the tekton-pipelines-fips package. Docker CLI for Windows searches for plugin binaries in C:\ProgramData\Docker\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tekton-pipelines-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the tekton-pipelines-fips package. Docker CLI for Windows searches for plugin binaries in C:\\\\ProgramData\\\\Docker\\\\cli-plugins, a directory that does not exist by default. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CZ07385",
"modified": "2026-04-29T09:21:35Z",
"published": "2026-04-30T00:39:59.023250Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CZ07385.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Docker CLI for Windows searches for plugin binaries in C:\\\\ProgramData\\\\Docker\\\\cli-plugins, a directory that does not exist by default",
"upstream": [
"CVE-2025-15558",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-33186",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-78h2-9frx-2jm8",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-p436-gjf2-799p",
"ghsa-p77j-4mvh-x3m3",
"ghsa-w8rr-5gcm-pp58"
]
}
cleanstart-2026-bs57244
Vulnerability from cleanstart
Published
2026-02-17 00:39
Modified
2026-02-16 09:23
Summary
Within HostnameError
Details
Security vulnerability affects the external-secrets package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the external-secrets package. Within HostnameError.",
"id": "CLEANSTART-2026-BS57244",
"modified": "2026-02-16T09:23:22Z",
"published": "2026-02-17T00:39:44.907078Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BS57244"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-yc48827
Vulnerability from cleanstart
Published
2026-01-30 15:56
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the cert-manager-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cert-manager-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-YC48827",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:56:24.532632Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-YC48827.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47910",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-mi12470
Vulnerability from cleanstart
Published
2026-04-30 00:49
Modified
2026-04-29 09:05
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MI12470",
"modified": "2026-04-29T09:05:33Z",
"published": "2026-04-30T00:49:56.616377Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MI12470.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-78h2-9frx-2jm8",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-w8rr-5gcm-pp58",
"ghsa-wjrx-6529-hcj3",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-ae87452
Vulnerability from cleanstart
Published
2026-04-01 09:19
Modified
2026-03-25 14:22
Summary
Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.20.12-r0, 1.20.12-r1, 1.20.12-r2
Details
Multiple security vulnerabilities affect the smarter-device-manager-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "smarter-device-manager-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.12-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the smarter-device-manager-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AE87452",
"modified": "2026-03-25T14:22:43Z",
"published": "2026-04-01T09:19:15.219275Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AE87452.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47911, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.20.12-r0, 1.20.12-r1, 1.20.12-r2",
"upstream": [
"CVE-2025-47911",
"CVE-2025-58190",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27141",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-hf45264
Vulnerability from cleanstart
Published
2026-02-27 01:03
Modified
2026-02-26 12:09
Summary
filippo
Details
Multiple security vulnerabilities affect the openbao-fips package. filippo. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. filippo. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HF45264",
"modified": "2026-02-26T12:09:56Z",
"published": "2026-02-27T01:03:40.135210Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HF45264"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "filippo",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-26958"
]
}
cleanstart-2026-li47669
Vulnerability from cleanstart
Published
2026-04-01 09:31
Modified
2026-03-23 07:38
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.26.2-r0, 1.26.3-r0, 1.26.3-r1
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.26.3-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LI47669",
"modified": "2026-03-23T07:38:42Z",
"published": "2026-04-01T09:31:09.448053Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LI47669.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.26.2-r0, 1.26.3-r0, 1.26.3-r1",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-mw73882
Vulnerability from cleanstart
Published
2026-03-03 00:39
Modified
2026-03-02 17:13
Summary
filippo
Details
Multiple security vulnerabilities affect the argo-workflows package. filippo. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. filippo. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MW73882",
"modified": "2026-03-02T17:13:50Z",
"published": "2026-03-03T00:39:03.237072Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MW73882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-37CX-329C-33X3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FW7P-63QQ-7HPR"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "filippo",
"upstream": [
"CVE-2025-61729",
"CVE-2026-25934",
"CVE-2026-26958",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-37CX-329C-33X3",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-FW7P-63QQ-7HPR"
]
}
cleanstart-2026-fk30234
Vulnerability from cleanstart
Published
2026-04-30 00:36
Modified
2026-04-29 09:20
Summary
Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web To...
Details
Multiple security vulnerabilities affect the tekton-pipelines-fips package. Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tekton-pipelines-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the tekton-pipelines-fips package. Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web Token (JWT) standards. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FK30234",
"modified": "2026-04-29T09:20:07Z",
"published": "2026-04-30T00:36:57.018431Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FK30234.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Go JOSE provides an implementation of the Javascript Object Signing and Encryption set of standards in Go, including support for JSON Web Encryption (JWE), JSON Web Signature (JWS), and JSON Web To...",
"upstream": [
"CVE-2025-15558",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-34986",
"ghsa-78h2-9frx-2jm8",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-di05920
Vulnerability from cleanstart
Published
2026-01-30 14:41
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the velero-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.14.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DI05920",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:41:22.824254Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DI05920"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-MH63-6H87-95CP"
]
}
cleanstart-2026-rw65075
Vulnerability from cleanstart
Published
2026-01-30 15:35
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the cortex package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cortex"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.20.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the cortex package. Within HostnameError.",
"id": "CLEANSTART-2026-RW65075",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:35:53.815887Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RW65075.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-db61851
Vulnerability from cleanstart
Published
2026-04-01 09:26
Modified
2026-03-24 08:56
Summary
Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.8.11-r0, 1.8.11-r1, 1.8.11-r2, 1.8.11-r3, 1.9.4-r0
Details
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DB61851",
"modified": "2026-03-24T08:56:04Z",
"published": "2026-04-01T09:26:58.691080Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DB61851.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.8.11-r0, 1.8.11-r1, 1.8.11-r2, 1.8.11-r3, 1.9.4-r0",
"upstream": [
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-wjrx-6529-hcj3"
]
}
cleanstart-2026-ns41924
Vulnerability from cleanstart
Published
2026-01-30 15:18
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm-operator package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.41.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-operator package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NS41924",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:18:53.115636Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NS41924"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-dc63423
Vulnerability from cleanstart
Published
2026-02-26 00:40
Modified
2026-02-25 07:34
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DC63423",
"modified": "2026-02-25T07:34:17Z",
"published": "2026-02-26T00:40:26.756005Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DC63423"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ru37859
Vulnerability from cleanstart
Published
2026-01-30 15:39
Modified
2026-01-29 18:58
Summary
Cancelling a query (e
Details
Multiple security vulnerabilities affect the dex-fips package. Cancelling a query (e. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "dex-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.42.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the dex-fips package. Cancelling a query (e. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RU37859",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:39:24.210234Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RU37859.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Cancelling a query (e",
"upstream": [
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-ez55127
Vulnerability from cleanstart
Published
2026-01-30 14:54
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the metallb-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "metallb-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.14.9-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the metallb-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-EZ55127",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:54:23.021613Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-EZ55127"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ir69938
Vulnerability from cleanstart
Published
2026-04-01 09:37
Modified
2026-03-20 11:37
Summary
Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.4.4-r2, 2.5.0-r0, 2.5.1-r0, 2.5.1-r1
Details
Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IR69938",
"modified": "2026-03-20T11:37:58Z",
"published": "2026-04-01T09:37:08.257134Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IR69938.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.4.4-r2, 2.5.0-r0, 2.5.1-r0, 2.5.1-r1",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-1229",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-tf52804
Vulnerability from cleanstart
Published
2026-01-30 15:08
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio-pilot-discovery-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.25.5-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TF52804",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:08:23.107112Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TF52804.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-zd89666
Vulnerability from cleanstart
Published
2026-01-30 17:26
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ZD89666",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:26:56.612763Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ZD89666.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8j7c-4cjm",
"GHSA-2x5j-vhc8-9cwm",
"GHSA-6v2p-p543-phr9",
"GHSA-c6gw-w398-hv78",
"GHSA-fv92-fjc5-jj9h",
"GHSA-hcg3-q754-cr77",
"GHSA-jc7w-c686-c4v9",
"GHSA-mh63-6h87-95cp",
"GHSA-qxp5-gwg8-xv66",
"GHSA-vvgc-356p-c3xw",
"GHSA-wjrx-6529-hcj3"
]
}
cleanstart-2026-kk99760
Vulnerability from cleanstart
Published
2026-02-26 00:41
Modified
2026-02-25 07:34
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "consul-k8s-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.8-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KK99760",
"modified": "2026-02-25T07:34:17Z",
"published": "2026-02-26T00:41:27.004859Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KK99760"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-W4QC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-22871",
"CVE-2025-47903",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-W4QC-356P-C3XW"
]
}
cleanstart-2026-rq53330
Vulnerability from cleanstart
Published
2026-01-30 15:17
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RQ53330",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:17:53.658995Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RQ53330.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-zm84646
Vulnerability from cleanstart
Published
2026-01-30 16:20
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the stakater-reloader package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.8-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ZM84646",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:20:55.488130Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ZM84646.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-jz91219
Vulnerability from cleanstart
Published
2026-03-10 00:59
Modified
2026-03-09 13:15
Summary
Within HostnameError
Details
Security vulnerability affects the prometheus-redis-exporter package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-redis-exporter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.80.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the prometheus-redis-exporter package. Within HostnameError.",
"id": "CLEANSTART-2026-JZ91219",
"modified": "2026-03-09T13:15:34Z",
"published": "2026-03-10T00:59:35.590693Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JZ91219"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-oj21550
Vulnerability from cleanstart
Published
2026-04-01 09:12
Modified
2026-03-28 09:40
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-24051, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.34.2-r0, 1.35.0-r0, 1.35.3-r0
Details
Multiple security vulnerabilities affect the kubernetes package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.35.3-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OJ21550",
"modified": "2026-03-28T09:40:45Z",
"published": "2026-04-01T09:12:23.484446Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OJ21550.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-24051, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.34.2-r0, 1.35.0-r0, 1.35.3-r0",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-24051",
"CVE-2026-33186",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-p77j-4mvh-x3m3"
]
}
cleanstart-2026-au31441
Vulnerability from cleanstart
Published
2026-01-30 16:29
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "metrics-server-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.2-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AU31441",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:29:25.997506Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AU31441"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6V2P-P543-PHR9"
]
}
cleanstart-2026-cb01846
Vulnerability from cleanstart
Published
2026-04-01 09:10
Modified
2026-03-28 10:13
Summary
Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.6.1-r0, 2.6.1-r1, 2.6.1-r7
Details
Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opensearch-k8s-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.1-r7"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CB01846",
"modified": "2026-03-28T10:13:21Z",
"published": "2026-04-01T09:10:27.866703Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CB01846.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.6.1-r0, 2.6.1-r1, 2.6.1-r7",
"upstream": [
"CVE-2025-0913",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-47911",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-ng75665
Vulnerability from cleanstart
Published
2026-04-10 00:56
Modified
2026-04-09 11:53
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the kube-state-metrics package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.16.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NG75665",
"modified": "2026-04-09T11:53:35Z",
"published": "2026-04-10T00:56:28.527348Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NG75665.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186"
]
}
cleanstart-2026-dp35743
Vulnerability from cleanstart
Published
2026-04-01 09:38
Modified
2026-03-20 04:50
Summary
Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.7.10-r0, 1.7.10-r1, 1.7.10-r2, 1.7.10-r3, 1.9.4-r0
Details
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DP35743",
"modified": "2026-03-20T04:50:14Z",
"published": "2026-04-01T09:38:30.680533Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DP35743.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24051, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.7.10-r0, 1.7.10-r1, 1.7.10-r2, 1.7.10-r3, 1.9.4-r0",
"upstream": [
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-wjrx-6529-hcj3"
]
}
cleanstart-2026-kf66928
Vulnerability from cleanstart
Published
2026-01-30 14:53
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the openbao-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.2.2-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KF66928",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:53:23.030035Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KF66928"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-xz04425
Vulnerability from cleanstart
Published
2026-02-27 00:43
Modified
2026-02-26 12:09
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.9.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XZ04425",
"modified": "2026-02-26T12:09:56Z",
"published": "2026-02-27T00:43:38.553069Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XZ04425.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-vu62737
Vulnerability from cleanstart
Published
2026-02-26 00:41
Modified
2026-02-25 07:34
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "consul-k8s-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.8-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VU62737",
"modified": "2026-02-25T07:34:17Z",
"published": "2026-02-26T00:41:56.473097Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VU62737.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-w4qc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-22871",
"CVE-2025-47903",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-w4qc-356p-c3xw"
]
}
cleanstart-2026-bj28314
Vulnerability from cleanstart
Published
2026-01-30 15:00
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the metallb package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "metallb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.15.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the metallb package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BJ28314",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:00:22.906070Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BJ28314"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-kt25851
Vulnerability from cleanstart
Published
2026-04-06 02:44
Modified
2026-04-03 08:04
Summary
Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r1
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.88.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KT25851",
"modified": "2026-04-03T08:04:33Z",
"published": "2026-04-06T02:44:54.790204Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KT25851.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r1",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-pw02676
Vulnerability from cleanstart
Published
2026-01-30 16:35
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the k8ssandra-client-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-client-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-client-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PW02676",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:35:26.383203Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PW02676"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-M6HQ-P25P-FFR2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-PWHC-RPQ9-4C8W"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-M6HQ-P25P-FFR2",
"GHSA-PWHC-RPQ9-4C8W"
]
}
cleanstart-2026-ls08172
Vulnerability from cleanstart
Published
2026-02-11 00:41
Modified
2026-02-10 22:11
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the prometheus-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.5.0-r5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LS08172",
"modified": "2026-02-10T22:11:02Z",
"published": "2026-02-11T00:41:59.030674Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LS08172"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2020-8912",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-cy45415
Vulnerability from cleanstart
Published
2026-04-01 10:06
Modified
2026-03-06 11:37
Summary
Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-fv92-fjc5-jj9h applied in versions: 3.6.16-r0, 3.7.4-r0, 3.7.7-r0
Details
Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.7-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CY45415",
"modified": "2026-03-06T11:37:07Z",
"published": "2026-04-01T10:06:30.444629Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CY45415.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-fv92-fjc5-jj9h applied in versions: 3.6.16-r0, 3.7.4-r0, 3.7.7-r0",
"upstream": [
"CVE-2025-15558",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25934",
"CVE-2026-26958",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-fv92-fjc5-jj9h"
]
}
cleanstart-2026-tk38210
Vulnerability from cleanstart
Published
2026-01-30 16:46
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the druid-exporter-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "druid-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.11-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the druid-exporter-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TK38210",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:46:25.995358Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TK38210.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-4f99-4q7p-p3gh"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2022-29526",
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-4f99-4q7p-p3gh"
]
}
cleanstart-2026-vf66781
Vulnerability from cleanstart
Published
2026-01-30 14:57
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the metallb package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "metallb"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.15.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the metallb package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VF66781",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:57:22.763452Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VF66781.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-lo42921
Vulnerability from cleanstart
Published
2026-02-25 00:42
Modified
2026-02-24 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kyverno"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LO42921",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:42:42.699243Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LO42921"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-cq38405
Vulnerability from cleanstart
Published
2026-01-30 16:23
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-node-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CQ38405",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:23:55.161893Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CQ38405"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-8R3F-844C-MC37"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-CGRX-MC8F-2PRM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6V2P-P543-PHR9",
"GHSA-8R3F-844C-MC37",
"GHSA-CGRX-MC8F-2PRM",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-VVGC-356P-C3XW"
]
}
cleanstart-2026-dp30290
Vulnerability from cleanstart
Published
2026-01-30 15:52
Modified
2026-01-29 18:58
Summary
processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input
Details
Multiple security vulnerabilities affect the cert-manager-fips package. The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cert-manager-fips package. The processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DP30290",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:52:54.729374Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DP30290"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "processing time for parsing some invalid inputs scales non-linearly with respect to the size of the input",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-uu56048
Vulnerability from cleanstart
Published
2026-01-30 15:16
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UU56048",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:16:53.077326Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UU56048.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-sy95837
Vulnerability from cleanstart
Published
2026-01-30 15:28
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "chartmuseum-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.16.3-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the chartmuseum-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-SY95837",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:28:53.594094Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SY95837.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2c4m-59x9-fr2g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-3vp4-m3rf-835h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-53c4-hhmh-vw5q"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-67fx-wx78-jx33"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-7hfp-qfw3-5jxh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-9h84-qmv7-982p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f9f8-9pmf-xv68"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-pwcw-6f5g-gxf8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-v53g-5gjp-272r"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-wf43-55jj-vwq8"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2c4m-59x9-fr2g",
"GHSA-3vp4-m3rf-835h",
"GHSA-53c4-hhmh-vw5q",
"GHSA-67fx-wx78-jx33",
"GHSA-7hfp-qfw3-5jxh",
"GHSA-9h84-qmv7-982p",
"GHSA-f9f8-9pmf-xv68",
"GHSA-mh63-6h87-95cp",
"GHSA-pwcw-6f5g-gxf8",
"GHSA-v53g-5gjp-272r",
"GHSA-wf43-55jj-vwq8"
]
}
cleanstart-2026-pd99018
Vulnerability from cleanstart
Published
2026-01-30 14:02
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PD99018",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:02:50.913977Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PD99018"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-am88528
Vulnerability from cleanstart
Published
2026-04-01 09:27
Modified
2026-03-23 14:25
Summary
Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2026-24051, CVE-2026-25679, CVE-2026-25934, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-fv92-fjc5-jj9h, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3 applied in versions: 3.6.16-r0, 3.6.18-r0, 3.6.19-r0, 3.6.19-r1, 3.6.19-r2, 3.6.19-r3, 3.7.4-r0
Details
Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AM88528",
"modified": "2026-03-23T14:25:49Z",
"published": "2026-04-01T09:27:52.956018Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AM88528.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2026-24051, CVE-2026-25679, CVE-2026-25934, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-fv92-fjc5-jj9h, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p, ghsa-p77j-4mvh-x3m3 applied in versions: 3.6.16-r0, 3.6.18-r0, 3.6.19-r0, 3.6.19-r1, 3.6.19-r2, 3.6.19-r3, 3.7.4-r0",
"upstream": [
"CVE-2025-15558",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-25934",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-37cx-329c-33x3",
"ghsa-fv92-fjc5-jj9h",
"ghsa-fw7p-63qq-7hpr",
"ghsa-p436-gjf2-799p",
"ghsa-p77j-4mvh-x3m3"
]
}
cleanstart-2026-ts12850
Vulnerability from cleanstart
Published
2026-01-30 15:17
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.41.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TS12850",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:17:53.937628Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TS12850.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-9h84-gmv7-982p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-mf38-5pwr-xv68"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-x4rx-4gw5-53pq"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-9h84-gmv7-982p",
"GHSA-mf38-5pwr-xv68",
"GHSA-x4rx-4gw5-53pq"
]
}
cleanstart-2026-gs02052
Vulnerability from cleanstart
Published
2026-01-30 15:22
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GS02052",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:22:23.453780Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GS02052"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-bp32212
Vulnerability from cleanstart
Published
2026-04-01 09:58
Modified
2026-03-11 10:14
Summary
Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r0
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.88.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BP32212",
"modified": "2026-03-11T10:14:30Z",
"published": "2026-04-01T09:58:48.421220Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BP32212.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.87.0-r0, 0.87.0-r1, 0.88.0-r0",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-ui65993
Vulnerability from cleanstart
Published
2026-01-30 16:21
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the spire-server-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "spire-server-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.13.3-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the spire-server-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UI65993",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:21:25.457624Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UI65993.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-pv93827
Vulnerability from cleanstart
Published
2026-04-01 09:31
Modified
2026-03-23 07:38
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.25.4-r0, 1.25.4-r1, 1.25.4-r2
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.25.4-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PV93827",
"modified": "2026-03-23T07:38:20Z",
"published": "2026-04-01T09:31:37.416388Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PV93827.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.25.4-r0, 1.25.4-r1, 1.25.4-r2",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-jx43631
Vulnerability from cleanstart
Published
2026-01-30 15:06
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.28.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JX43631",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:06:23.337190Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JX43631"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-0913",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-mx45462
Vulnerability from cleanstart
Published
2026-04-01 09:18
Modified
2026-03-25 14:24
Summary
Security fixes for CVE-2025-61729 applied in versions: 1.1.0-r0
Details
Security vulnerability affects the external-secrets package. This issue is resolved in later releases. See references for vulnerability details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the external-secrets package. This issue is resolved in later releases. See references for vulnerability details.",
"id": "CLEANSTART-2026-MX45462",
"modified": "2026-03-25T14:24:33Z",
"published": "2026-04-01T09:18:16.445023Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MX45462.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729 applied in versions: 1.1.0-r0",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-ek72220
Vulnerability from cleanstart
Published
2026-01-30 16:24
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-node-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-EK72220",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:24:55.137022Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-EK72220"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-CGRX-MC8F-2PRM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-CGRX-MC8F-2PRM",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-VVGC-356P-C3XW"
]
}
cleanstart-2026-lz54652
Vulnerability from cleanstart
Published
2026-04-01 10:00
Modified
2026-03-11 07:18
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.7.0-r0, 1.7.1-r0
Details
Multiple security vulnerabilities affect the vault-k8s package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "vault-k8s"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the vault-k8s package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LZ54652",
"modified": "2026-03-11T07:18:17Z",
"published": "2026-04-01T10:00:12.081449Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LZ54652.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.7.0-r0, 1.7.1-r0",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-yk54840
Vulnerability from cleanstart
Published
2026-01-30 16:30
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.32.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-YK54840",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:30:55.324232Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-YK54840.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-7598"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7598"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2024-7598",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-bm53321
Vulnerability from cleanstart
Published
2026-04-10 00:51
Modified
2026-04-09 11:53
Summary
attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing
Details
Multiple security vulnerabilities affect the kube-state-metrics package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.16.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics package. An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BM53321",
"modified": "2026-04-09T11:53:35Z",
"published": "2026-04-10T00:51:58.426076Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BM53321.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing",
"upstream": [
"CVE-2025-22868",
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186"
]
}
cleanstart-2026-ol17158
Vulnerability from cleanstart
Published
2026-04-01 09:23
Modified
2026-03-25 04:38
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-m6hq-p25p-ffr2, ghsa-p77j-4mvh-x3m3, ghsa-pwhc-rpq9-4c8w applied in versions: 0.7.0-r2, 0.7.0-r3, 0.7.0-r4
Details
Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-client-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-client-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OL17158",
"modified": "2026-03-25T04:38:39Z",
"published": "2026-04-01T09:23:46.993269Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OL17158.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-m6hq-p25p-ffr2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-pwhc-rpq9-4c8w"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x, ghsa-m6hq-p25p-ffr2, ghsa-p77j-4mvh-x3m3, ghsa-pwhc-rpq9-4c8w applied in versions: 0.7.0-r2, 0.7.0-r3, 0.7.0-r4",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-m6hq-p25p-ffr2",
"ghsa-p77j-4mvh-x3m3",
"ghsa-pwhc-rpq9-4c8w"
]
}
cleanstart-2026-mj51212
Vulnerability from cleanstart
Published
2026-01-30 15:40
Modified
2026-01-29 18:58
Summary
Cancelling a query (e
Details
Multiple security vulnerabilities affect the dex-fips package. Cancelling a query (e. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "dex-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.41.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the dex-fips package. Cancelling a query (e. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MJ51212",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:40:23.782215Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MJ51212"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Cancelling a query (e",
"upstream": [
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-on62368
Vulnerability from cleanstart
Published
2026-04-01 09:32
Modified
2026-03-23 07:09
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.10.0-r0, 0.10.0-r1, 0.11.0-r0, 1.13.1-r0
Details
Multiple security vulnerabilities affect the wave package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "wave"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.13.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the wave package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ON62368",
"modified": "2026-03-23T07:09:26Z",
"published": "2026-04-01T09:32:49.419019Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ON62368.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27137"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27142 applied in versions: 0.10.0-r0, 0.10.0-r1, 0.11.0-r0, 1.13.1-r0",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2026-25679",
"CVE-2026-27137",
"CVE-2026-27138",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-pi00621
Vulnerability from cleanstart
Published
2026-01-30 15:03
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.17.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PI00621",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:03:52.974587Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PI00621"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-ol25917
Vulnerability from cleanstart
Published
2026-01-30 14:44
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the velero package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.17.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OL25917",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:44:22.881508Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OL25917"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-46394"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58251"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-CGRX-MC8F-2PRM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-M6HQ-P25P-FFR2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-PWHC-RPQ9-4C8W"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-46394"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58251"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-46394",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58251",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-CGRX-MC8F-2PRM",
"GHSA-M6HQ-P25P-FFR2",
"GHSA-PWHC-RPQ9-4C8W"
]
}
cleanstart-2026-qv26039
Vulnerability from cleanstart
Published
2026-01-30 16:03
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the argo-workflows package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the argo-workflows package. Within HostnameError.",
"id": "CLEANSTART-2026-QV26039",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:03:24.653963Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-QV26039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-rr78450
Vulnerability from cleanstart
Published
2026-02-06 00:39
Modified
2026-02-05 12:20
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RR78450",
"modified": "2026-02-05T12:20:16Z",
"published": "2026-02-06T00:39:29.463576Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RR78450.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729",
"GHSA-2464-8j7c-4cjm",
"GHSA-2x5j-vhc8-9cwm",
"GHSA-fv92-fjc5-jj9h"
]
}
cleanstart-2026-cn84623
Vulnerability from cleanstart
Published
2026-04-30 00:53
Modified
2026-04-29 09:12
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CN84623",
"modified": "2026-04-29T09:12:44Z",
"published": "2026-04-30T00:53:26.653377Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CN84623.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8912"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2020-8912",
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-39883",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-78h2-9frx-2jm8",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-w8rr-5gcm-pp58",
"ghsa-wjrx-6529-hcj3",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-ot07577
Vulnerability from cleanstart
Published
2026-04-01 09:24
Modified
2026-03-24 13:01
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229 applied in versions: 3.19.0-r0, 4.0.1-r0, 4.1.0-r0
Details
Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OT07577",
"modified": "2026-03-24T13:01:13Z",
"published": "2026-04-01T09:24:34.526263Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OT07577.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229 applied in versions: 3.19.0-r0, 4.0.1-r0, 4.1.0-r0",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229"
]
}
cleanstart-2026-fm65506
Vulnerability from cleanstart
Published
2026-02-25 00:49
Modified
2026-02-24 09:23
Summary
html
Details
Multiple security vulnerabilities affect the stakater-reloader package. The html. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.8-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader package. The html. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FM65506",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:49:12.988018Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FM65506"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "html",
"upstream": [
"CVE-2025-47911",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-jm36781
Vulnerability from cleanstart
Published
2026-01-30 14:37
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the velero-plugin-for-aws package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-plugin-for-aws"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.13.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the velero-plugin-for-aws package. Within HostnameError.",
"id": "CLEANSTART-2026-JM36781",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:37:22.513933Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JM36781"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-cv29689
Vulnerability from cleanstart
Published
2026-04-01 09:24
Modified
2026-03-24 13:01
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2025-62820, CVE-2026-25793, CVE-2026-30836 applied in versions: 0.10.2-r0, 0.9.10-r0, 0.9.9-r0, 0.9.9-r1
Details
Multiple security vulnerabilities affect the step-issuer package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step-issuer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.9-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step-issuer package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CV29689",
"modified": "2026-03-24T13:01:13Z",
"published": "2026-04-01T09:24:13.195625Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CV29689.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25793"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-30836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25793"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30836"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2025-62820, CVE-2026-25793, CVE-2026-30836 applied in versions: 0.10.2-r0, 0.9.10-r0, 0.9.9-r0, 0.9.9-r1",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2025-62820",
"CVE-2026-25793",
"CVE-2026-30836"
]
}
cleanstart-2026-xb70091
Vulnerability from cleanstart
Published
2026-01-30 14:03
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XB70091",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:03:50.560679Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XB70091.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-yg94604
Vulnerability from cleanstart
Published
2026-01-30 17:24
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-YG94604",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:24:56.864393Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-YG94604.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8j7c-4cjm",
"GHSA-2x5j-vhc8-9cwm",
"GHSA-6v2p-p543-phr9",
"GHSA-c6gw-w398-hv78",
"GHSA-fv92-fjc5-jj9h",
"GHSA-hcg3-q754-cr77",
"GHSA-jc7w-c686-c4v9",
"GHSA-mh63-6h87-95cp",
"GHSA-qxp5-gwg8-xv66",
"GHSA-vvgc-356p-c3xw",
"GHSA-wjrx-6529-hcj3"
]
}
cleanstart-2026-bz58799
Vulnerability from cleanstart
Published
2026-02-06 00:39
Modified
2026-02-05 12:20
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BZ58799",
"modified": "2026-02-05T12:20:16Z",
"published": "2026-02-06T00:39:29.590361Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BZ58799"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-FV92-FJC5-JJ9H"
]
}
cleanstart-2026-im73098
Vulnerability from cleanstart
Published
2026-02-11 00:40
Modified
2026-02-10 22:11
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the istio-pilot-discovery package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio-pilot-discovery"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.28.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio-pilot-discovery package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IM73098",
"modified": "2026-02-10T22:11:02Z",
"published": "2026-02-11T00:40:59.052841Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IM73098"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ol60454
Vulnerability from cleanstart
Published
2026-01-30 14:52
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the step-issuer package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step-issuer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.9-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step-issuer package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OL60454",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:52:23.086717Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OL60454"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62820"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2025-62820"
]
}
cleanstart-2026-hq88036
Vulnerability from cleanstart
Published
2026-04-30 01:00
Modified
2026-04-29 07:41
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.96.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HQ88036",
"modified": "2026-04-29T07:41:49Z",
"published": "2026-04-30T01:00:58.604637Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HQ88036.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32285",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-78h2-9frx-2jm8",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-ml51665
Vulnerability from cleanstart
Published
2026-01-30 16:20
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ML51665",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:20:55.711028Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ML51665"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-dn37053
Vulnerability from cleanstart
Published
2026-01-30 16:30
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.31.14-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DN37053",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:30:25.711037Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DN37053"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ee52954
Vulnerability from cleanstart
Published
2026-04-01 09:36
Modified
2026-03-22 07:36
Summary
Security fixes for CVE-2021-3538, CVE-2025-22871, CVE-2025-29923, CVE-2025-4673, CVE-2025-47907, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw applied in versions: 3.0.0.1-r2, 3.0.0.1-r3, 3.0.0.1-r4
Details
Multiple security vulnerabilities affect the harbor-registry package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-registry"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.0.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-registry package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-EE52954",
"modified": "2026-03-22T07:36:37Z",
"published": "2026-04-01T09:36:34.270182Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-EE52954.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2021-3538"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3538"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2021-3538, CVE-2025-22871, CVE-2025-29923, CVE-2025-4673, CVE-2025-47907, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-hcg3-q754-cr77, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw applied in versions: 3.0.0.1-r2, 3.0.0.1-r3, 3.0.0.1-r4",
"upstream": [
"CVE-2021-3538",
"CVE-2025-22871",
"CVE-2025-29923",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-hcg3-q754-cr77",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-mh63-6h87-95cp",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw"
]
}
cleanstart-2026-rb28539
Vulnerability from cleanstart
Published
2026-01-30 14:43
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the tigera-operator package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tigera-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.40.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the tigera-operator package. Within HostnameError.",
"id": "CLEANSTART-2026-RB28539",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:43:52.571458Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RB28539"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-mo83449
Vulnerability from cleanstart
Published
2026-03-10 00:59
Modified
2026-03-09 13:15
Summary
Within HostnameError
Details
Security vulnerability affects the trust-manager package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "trust-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the trust-manager package. Within HostnameError.",
"id": "CLEANSTART-2026-MO83449",
"modified": "2026-03-09T13:15:34Z",
"published": "2026-03-10T00:59:35.550450Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MO83449"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-pg91940
Vulnerability from cleanstart
Published
2026-01-30 15:31
Modified
2026-01-29 18:58
Summary
net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines
Details
Multiple security vulnerabilities affect the harbor-registry package. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-registry"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.0.0.1-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-registry package. The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PG91940",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:31:24.365282Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PG91940"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines",
"upstream": [
"CVE-2025-22871",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-HCG3-Q754-CR77",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW"
]
}
cleanstart-2026-mk01488
Vulnerability from cleanstart
Published
2026-04-01 10:00
Modified
2026-03-10 12:46
Summary
Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-27141, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-9h8m-3fm2-qjrq, ghsa-fv92-fjc5-jj9h, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p applied in versions: 3.6.16-r0, 3.7.10-r0, 3.7.10-r1, 3.7.10-r2, 3.7.10-r3, 3.7.10-r4, 3.7.4-r0, 3.7.9-r0
Details
Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.9-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MK01488",
"modified": "2026-03-10T12:46:44Z",
"published": "2026-04-01T10:00:43.919294Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MK01488.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15558"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-15558, CVE-2025-61729, CVE-2026-24051, CVE-2026-25934, CVE-2026-26958, CVE-2026-27141, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-9h8m-3fm2-qjrq, ghsa-fv92-fjc5-jj9h, ghsa-fw7p-63qq-7hpr, ghsa-p436-gjf2-799p applied in versions: 3.6.16-r0, 3.7.10-r0, 3.7.10-r1, 3.7.10-r2, 3.7.10-r3, 3.7.10-r4, 3.7.4-r0, 3.7.9-r0",
"upstream": [
"CVE-2025-15558",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-25934",
"CVE-2026-26958",
"CVE-2026-27141",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-37cx-329c-33x3",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fv92-fjc5-jj9h",
"ghsa-fw7p-63qq-7hpr",
"ghsa-p436-gjf2-799p"
]
}
cleanstart-2026-ad71344
Vulnerability from cleanstart
Published
2026-04-01 09:38
Modified
2026-03-20 04:46
Summary
Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.10.9-r0, 1.10.9-r1, 1.10.9-r2, 1.10.9-r3, 1.9.4-r0
Details
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AD71344",
"modified": "2026-03-20T04:46:15Z",
"published": "2026-04-01T09:38:56.500937Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AD71344.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-10005, CVE-2024-10006, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.10.9-r0, 1.10.9-r1, 1.10.9-r2, 1.10.9-r3, 1.9.4-r0",
"upstream": [
"CVE-2024-10005",
"CVE-2024-10006",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-wjrx-6529-hcj3"
]
}
cleanstart-2026-zg64300
Vulnerability from cleanstart
Published
2026-02-27 01:05
Modified
2026-02-26 12:09
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kyverno"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ZG64300",
"modified": "2026-02-26T12:09:56Z",
"published": "2026-02-27T01:05:11.090007Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ZG64300.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-fx51482
Vulnerability from cleanstart
Published
2026-04-01 09:45
Modified
2026-03-18 07:43
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.5.1-r0, 1.5.1-r1
Details
Multiple security vulnerabilities affect the nginx-prometheus-exporter package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "nginx-prometheus-exporter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the nginx-prometheus-exporter package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FX51482",
"modified": "2026-03-18T07:43:14Z",
"published": "2026-04-01T09:45:37.795716Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FX51482.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.5.1-r0, 1.5.1-r1",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-cd92481
Vulnerability from cleanstart
Published
2026-01-30 14:01
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.32.10-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CD92481",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:01:20.457302Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CD92481"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6V2P-P543-PHR9"
]
}
cleanstart-2026-ul17352
Vulnerability from cleanstart
Published
2026-01-30 16:29
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "metrics-server-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.5.2-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UL17352",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:29:25.464127Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UL17352.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-m425-mq94-257g"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-wf43-55jj-vwq8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-wr2v-9rpq-c35q"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-m425-mq94-257g",
"GHSA-wf43-55jj-vwq8",
"GHSA-wr2v-9rpq-c35q"
]
}
cleanstart-2026-uy81473
Vulnerability from cleanstart
Published
2026-01-30 15:44
Modified
2026-01-29 18:58
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UY81473",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:44:54.187987Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UY81473.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-mk39503
Vulnerability from cleanstart
Published
2026-04-01 09:50
Modified
2026-03-16 05:34
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-1229, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 3.19.0-r0, 4.0.1-r0, 4.1.0-r0, 4.1.0-r1
Details
Multiple security vulnerabilities affect the helm package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MK39503",
"modified": "2026-03-16T05:34:59Z",
"published": "2026-04-01T09:50:25.337048Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MK39503.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-1229, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 3.19.0-r0, 4.0.1-r0, 4.1.0-r0, 4.1.0-r1",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-po40318
Vulnerability from cleanstart
Published
2026-01-30 15:31
Modified
2026-01-29 18:58
Summary
go-redis is the official Redis client library for the Go programming language
Details
Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-registry-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.6.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PO40318",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:31:53.772564Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PO40318"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-redis is the official Redis client library for the Go programming language",
"upstream": [
"CVE-2025-29923",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-lp38773
Vulnerability from cleanstart
Published
2026-01-30 15:03
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.17.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LP38773",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:03:53.100242Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LP38773"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-xz45798
Vulnerability from cleanstart
Published
2026-01-30 14:05
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XZ45798",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:05:20.961893Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XZ45798.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-jr03360
Vulnerability from cleanstart
Published
2026-02-17 00:39
Modified
2026-02-16 09:23
Summary
Within HostnameError
Details
Security vulnerability affects the external-secrets package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the external-secrets package. Within HostnameError.",
"id": "CLEANSTART-2026-JR03360",
"modified": "2026-02-16T09:23:22Z",
"published": "2026-02-17T00:39:45.300172Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JR03360"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-do68350
Vulnerability from cleanstart
Published
2026-01-30 14:50
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.85.0-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DO68350",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:50:22.886394Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DO68350"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-gj12884
Vulnerability from cleanstart
Published
2026-01-30 16:31
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kaniko-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kaniko-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kaniko-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GJ12884",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:31:25.827659Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GJ12884"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-CGRX-MC8F-2PRM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-M6HQ-P25P-FFR2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-PWHC-RPQ9-4C8W"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-CGRX-MC8F-2PRM",
"GHSA-M6HQ-P25P-FFR2",
"GHSA-PWHC-RPQ9-4C8W"
]
}
cleanstart-2026-on38469
Vulnerability from cleanstart
Published
2026-01-30 16:37
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the k8ssandra-client-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-client-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.0-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-client-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ON38469",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:37:25.667594Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ON38469"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-M6HQ-P25P-FFR2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-PWHC-RPQ9-4C8W"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-M6HQ-P25P-FFR2",
"GHSA-PWHC-RPQ9-4C8W"
]
}
cleanstart-2025-yj25356
Vulnerability from cleanstart
Published
2026-01-16 12:00
Modified
2025-12-06 13:34
Summary
Security fixes for CVE-2025-61729 applied in versions: 1.40.2-r0
Details
Security vulnerability affects the tigera-operator package. This issue is resolved in later releases. See references for CVE details.
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tigera-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.40.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Security vulnerability affects the tigera-operator package. This issue is resolved in later releases. See references for CVE details.",
"id": "CLEANSTART-2025-YJ25356",
"modified": "2025-12-06T13:34:11Z",
"published": "2026-01-16T12:00:45.358320Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2025/CLEANSTART-2025-YJ25356.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729 applied in versions: 1.40.2-r0",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-iw06531
Vulnerability from cleanstart
Published
2026-01-30 15:07
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio-pilot-discovery-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.28.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IW06531",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:07:23.455235Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IW06531"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-sm37781
Vulnerability from cleanstart
Published
2026-03-04 00:45
Modified
2026-03-03 12:59
Summary
Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic
Details
Multiple security vulnerabilities affect the cert-manager-fips package. Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cert-manager-fips package. Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic See references for individual vulnerability details.",
"id": "CLEANSTART-2026-SM37781",
"modified": "2026-03-03T12:59:01Z",
"published": "2026-03-04T00:45:05.719125Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SM37781.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic",
"upstream": [
"CVE-2025-47910",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-27141"
]
}
cleanstart-2025-eu07511
Vulnerability from cleanstart
Published
2026-01-16 11:58
Modified
2025-12-06 13:34
Summary
Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.7.0-r0, 1.7.1-r0
Details
Multiple security vulnerabilities affect the vault-k8s package. These issues are resolved in later releases. See references for individual CVE details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "vault-k8s"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "Multiple security vulnerabilities affect the vault-k8s package. These issues are resolved in later releases. See references for individual CVE details.",
"id": "CLEANSTART-2025-EU07511",
"modified": "2025-12-06T13:34:11Z",
"published": "2026-01-16T11:58:32.440192Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2025/CLEANSTART-2025-EU07511.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47912"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47912"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47912, CVE-2025-58183, CVE-2025-58185, CVE-2025-58186, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.7.0-r0, 1.7.1-r0",
"upstream": [
"CVE-2025-47912",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58186",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-jr37040
Vulnerability from cleanstart
Published
2026-01-30 15:23
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JR37040",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:23:53.534475Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JR37040"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-rd08428
Vulnerability from cleanstart
Published
2026-01-30 15:17
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.41.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RD08428",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:17:23.554517Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RD08428.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-az32516
Vulnerability from cleanstart
Published
2026-01-30 17:27
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AZ32516",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:27:26.591189Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AZ32516"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-JC7W-C686-C4V9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-WJRX-6529-HCJ3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-6V2P-P543-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-HCG3-Q754-CR77",
"GHSA-JC7W-C686-C4V9",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW",
"GHSA-WJRX-6529-HCJ3"
]
}
cleanstart-2026-zv38826
Vulnerability from cleanstart
Published
2026-03-10 01:00
Modified
2026-03-09 13:15
Summary
Within HostnameError
Details
Security vulnerability affects the trust-manager package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "trust-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the trust-manager package. Within HostnameError.",
"id": "CLEANSTART-2026-ZV38826",
"modified": "2026-03-09T13:15:34Z",
"published": "2026-03-10T01:00:05.764793Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ZV38826.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-ha44046
Vulnerability from cleanstart
Published
2026-02-25 00:49
Modified
2026-02-24 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HA44046",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:49:42.693487Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HA44046"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-na36743
Vulnerability from cleanstart
Published
2026-01-30 16:35
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the gitlab-pages-fips package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "gitlab-pages-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the gitlab-pages-fips package. Within HostnameError.",
"id": "CLEANSTART-2026-NA36743",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:35:55.379246Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NA36743"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-ew68942
Vulnerability from cleanstart
Published
2026-01-30 14:53
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the multus-cni-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "multus-cni-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.2-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the multus-cni-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-EW68942",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:53:53.713652Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-EW68942"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-4V7X-PQXF-CX7M"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-M425-MQ94-257G"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QPPJ-FM5R-HXR3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-4V7X-PQXF-CX7M",
"GHSA-6V2P-P543-PHR9",
"GHSA-M425-MQ94-257G",
"GHSA-QPPJ-FM5R-HXR3",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW"
]
}
cleanstart-2026-ms81166
Vulnerability from cleanstart
Published
2026-04-01 09:37
Modified
2026-03-20 11:37
Summary
Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.4.4-r2, 2.4.4-r4, 2.5.0-r0, 2.5.0-r1
Details
Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MS81166",
"modified": "2026-03-20T11:37:58Z",
"published": "2026-04-01T09:37:27.717828Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MS81166.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.4.4-r2, 2.4.4-r4, 2.5.0-r0, 2.5.0-r1",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-ly33846
Vulnerability from cleanstart
Published
2026-01-30 15:16
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LY33846",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:16:23.051630Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LY33846"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-kk41938
Vulnerability from cleanstart
Published
2026-01-30 15:06
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.29.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KK41938",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:06:23.375949Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KK41938"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-0913",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-fs64938
Vulnerability from cleanstart
Published
2026-01-30 15:24
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FS64938",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:24:53.185811Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FS64938"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ol32822
Vulnerability from cleanstart
Published
2026-04-01 09:48
Modified
2026-03-16 16:39
Summary
Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, ghsa-gx3x-vq4p-mhhv applied in versions: 2.4.0-r1, 2.4.0-r2
Details
Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager-cmctl-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.4.0-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cert-manager-cmctl-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OL32822",
"modified": "2026-03-16T16:39:54Z",
"published": "2026-04-01T09:48:17.130268Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OL32822.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-36537"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25518"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-gx3x-vq4p-mhhv"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-36537"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25518"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2024-36537, CVE-2025-47910, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2026-25518, ghsa-gx3x-vq4p-mhhv applied in versions: 2.4.0-r1, 2.4.0-r2",
"upstream": [
"CVE-2024-36537",
"CVE-2025-47910",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2026-25518",
"ghsa-gx3x-vq4p-mhhv"
]
}
cleanstart-2026-um63521
Vulnerability from cleanstart
Published
2026-01-30 16:12
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the vertical-pod-autoscaler-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "vertical-pod-autoscaler-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.5.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the vertical-pod-autoscaler-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UM63521",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:12:25.029065Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UM63521.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-pm59896
Vulnerability from cleanstart
Published
2026-04-01 10:00
Modified
2026-03-11 05:51
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.41.1-r0, 1.41.1-r1
Details
Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-operator"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.41.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-operator package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PM59896",
"modified": "2026-03-11T05:51:53Z",
"published": "2026-04-01T10:00:44.608929Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PM59896.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729 applied in versions: 1.41.1-r0, 1.41.1-r1",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-xv54160
Vulnerability from cleanstart
Published
2026-02-17 00:41
Modified
2026-02-16 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XV54160",
"modified": "2026-02-16T09:23:22Z",
"published": "2026-02-17T00:41:15.330012Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XV54160.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8j7c-4cjm",
"GHSA-2x5j-vhc8-9cwm",
"GHSA-6v2p-p543-phr9",
"GHSA-c6gw-w398-hv78",
"GHSA-fv92-fjc5-jj9h",
"GHSA-hcg3-q754-cr77",
"GHSA-jc7w-c686-c4v9",
"GHSA-mh63-6h87-95cp",
"GHSA-qxp5-gwg8-xv66",
"GHSA-vvgc-356p-c3xw",
"GHSA-wjrx-6529-hcj3"
]
}
cleanstart-2026-th00404
Vulnerability from cleanstart
Published
2026-01-30 14:04
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TH00404",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:04:20.735662Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TH00404.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ig94553
Vulnerability from cleanstart
Published
2026-02-25 00:49
Modified
2026-02-24 09:23
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IG94553",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:49:42.735675Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IG94553"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-nz19387
Vulnerability from cleanstart
Published
2026-01-30 14:52
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the openbao-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.3.2-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NZ19387",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:52:23.218213Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NZ19387"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-ni96678
Vulnerability from cleanstart
Published
2026-01-30 15:06
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.27.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NI96678",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:06:52.947220Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NI96678"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-0913",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-fr97108
Vulnerability from cleanstart
Published
2026-04-30 00:58
Modified
2026-04-29 07:50
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.99.5-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FR97108",
"modified": "2026-04-29T07:50:05Z",
"published": "2026-04-30T00:58:27.074156Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FR97108.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-78h2-9frx-2jm8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hfvc-g4fc-pqhx"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27141",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-33186",
"CVE-2026-34986",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-78h2-9frx-2jm8",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-hfvc-g4fc-pqhx",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-hw19594
Vulnerability from cleanstart
Published
2026-02-24 00:45
Modified
2026-02-23 12:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HW19594",
"modified": "2026-02-23T12:58:32Z",
"published": "2026-02-24T00:45:50.891263Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HW19594"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-jk84667
Vulnerability from cleanstart
Published
2026-04-01 09:10
Modified
2026-03-28 10:13
Summary
Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.7.0-r7, 2.7.0-r8
Details
Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opensearch-k8s-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.7.0-r8"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opensearch-k8s-operator-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JK84667",
"modified": "2026-03-28T10:13:46Z",
"published": "2026-04-01T09:10:09.429544Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JK84667.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-0913, CVE-2025-4673, CVE-2025-47907, CVE-2025-47911, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-58190, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 2.7.0-r7, 2.7.0-r8",
"upstream": [
"CVE-2025-0913",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-47911",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-58190",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-yd87381
Vulnerability from cleanstart
Published
2026-01-30 16:22
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-node-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-YD87381",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:22:55.178631Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-YD87381.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-cgrx-mc8f-2prm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6v2p-p543-phr9",
"GHSA-cgrx-mc8f-2prm",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x",
"GHSA-vvgc-356p-c3xw"
]
}
cleanstart-2026-zo91195
Vulnerability from cleanstart
Published
2026-01-30 15:30
Modified
2026-01-29 18:58
Summary
go-redis is the official Redis client library for the Go programming language
Details
Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "harbor-registry-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.8.3-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the harbor-registry-fips package. go-redis is the official Redis client library for the Go programming language. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ZO91195",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:30:24.594235Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ZO91195.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-29923"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-redis is the official Redis client library for the Go programming language",
"upstream": [
"CVE-2025-29923",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-vv68546
Vulnerability from cleanstart
Published
2026-01-30 16:35
Modified
2026-01-29 18:58
Summary
Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate
Details
Multiple security vulnerabilities affect the k8ssandra-client-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-client-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.7.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-client-fips package. Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VV68546",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:35:55.883570Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VV68546.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-m6hq-p25p-ffr2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-pwhc-rpq9-4c8w"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Due to the design of the name constraint checking algorithm, the processing time of some inputs scale non-linearly with respect to the size of the certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x",
"GHSA-m6hq-p25p-ffr2",
"GHSA-pwhc-rpq9-4c8w"
]
}
cleanstart-2026-ls12576
Vulnerability from cleanstart
Published
2026-04-01 09:19
Modified
2026-03-25 14:09
Summary
Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2, 1.17.2-r0, 1.17.2-r1, 1.18.0-r0
Details
Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.18.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LS12576",
"modified": "2026-03-25T14:09:04Z",
"published": "2026-04-01T09:19:50.661957Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LS12576.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 1.16.2-r2, 1.17.2-r0, 1.17.2-r1, 1.18.0-r0",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-ia26094
Vulnerability from cleanstart
Published
2026-01-30 14:51
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.86.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IA26094",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:51:22.634752Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IA26094"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-ch77232
Vulnerability from cleanstart
Published
2026-04-01 09:06
Modified
2026-03-31 07:29
Summary
Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 18.7.1-r0
Details
Multiple security vulnerabilities affect the gitlab-pages-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "gitlab-pages-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the gitlab-pages-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CH77232",
"modified": "2026-03-31T07:29:33Z",
"published": "2026-04-01T09:06:04.906254Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CH77232.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 18.7.1-r0",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-ni04192
Vulnerability from cleanstart
Published
2026-04-01 09:24
Modified
2026-03-24 12:54
Summary
Security fixes for CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-fv92-fjc5-jj9h, ghsa-p77j-4mvh-x3m3 applied in versions: 3.6.16-r0, 3.6.18-r0, 3.6.18-r1, 3.6.18-r2, 3.7.4-r0
Details
Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NI04192",
"modified": "2026-03-24T12:54:01Z",
"published": "2026-04-01T09:24:43.327769Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NI04192.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-fv92-fjc5-jj9h, ghsa-p77j-4mvh-x3m3 applied in versions: 3.6.16-r0, 3.6.18-r0, 3.6.18-r1, 3.6.18-r2, 3.7.4-r0",
"upstream": [
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-25934",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-37cx-329c-33x3",
"ghsa-fv92-fjc5-jj9h",
"ghsa-p77j-4mvh-x3m3"
]
}
cleanstart-2026-uu20906
Vulnerability from cleanstart
Published
2026-01-30 14:48
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.87.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UU20906",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:48:52.774829Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UU20906.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-cy44461
Vulnerability from cleanstart
Published
2026-02-25 00:53
Modified
2026-02-24 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kyverno"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CY44461",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:53:13.101959Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CY44461"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-ia56615
Vulnerability from cleanstart
Published
2026-02-25 00:44
Modified
2026-02-24 09:23
Summary
go-git is a highly extensible git implementation library written in pure Go
Details
Multiple security vulnerabilities affect the argo-workflows package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IA56615",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:44:12.047442Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IA56615"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-37CX-329C-33X3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-git is a highly extensible git implementation library written in pure Go",
"upstream": [
"CVE-2025-61729",
"CVE-2026-25934",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-37CX-329C-33X3",
"GHSA-FV92-FJC5-JJ9H"
]
}
cleanstart-2026-pt11267
Vulnerability from cleanstart
Published
2026-01-30 16:22
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PT11267",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:22:25.604414Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PT11267"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-bs24435
Vulnerability from cleanstart
Published
2026-01-30 15:44
Modified
2026-01-29 18:58
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BS24435",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:44:54.166999Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BS24435"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-rx06615
Vulnerability from cleanstart
Published
2026-01-30 15:45
Modified
2026-01-29 18:58
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.26.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RX06615",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:45:24.056160Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RX06615.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-hx78047
Vulnerability from cleanstart
Published
2026-01-30 15:24
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HX78047",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:24:23.175483Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HX78047"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-kt28044
Vulnerability from cleanstart
Published
2026-04-30 01:03
Modified
2026-04-29 07:43
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.97.2-r6"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KT28044",
"modified": "2026-04-29T07:43:21Z",
"published": "2026-04-30T01:03:26.906365Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KT28044.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-so17846
Vulnerability from cleanstart
Published
2026-01-30 16:30
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.33.6-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-SO17846",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:30:25.764771Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SO17846.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-er42900
Vulnerability from cleanstart
Published
2026-01-30 15:41
Modified
2026-01-29 18:58
Summary
ParseAddress function constructs domain-literal address components through repeated string concatenation
Details
Multiple security vulnerabilities affect the external-dns-fips package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-dns-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.0-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the external-dns-fips package. The ParseAddress function constructs domain-literal address components through repeated string concatenation. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ER42900",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:41:23.817747Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ER42900"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "ParseAddress function constructs domain-literal address components through repeated string concatenation",
"upstream": [
"CVE-2025-47910",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-la33013
Vulnerability from cleanstart
Published
2026-01-30 14:40
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the velero-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.2-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LA33013",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:40:22.526589Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LA33013"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-gu55430
Vulnerability from cleanstart
Published
2026-04-01 09:37
Modified
2026-03-20 04:52
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-9h8m-3fm2-qjrq, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.9.4-r0, 1.9.4-r1, 1.9.4-r2, 1.9.4-r3
Details
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GU55430",
"modified": "2026-03-20T04:52:14Z",
"published": "2026-04-01T09:37:53.639715Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GU55430.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-9h8m-3fm2-qjrq, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-qxp5-gwg8-xv66, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.9.4-r0, 1.9.4-r1, 1.9.4-r2, 1.9.4-r3",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-qxp5-gwg8-xv66",
"ghsa-vvgc-356p-c3xw",
"ghsa-wjrx-6529-hcj3"
]
}
cleanstart-2026-bk44511
Vulnerability from cleanstart
Published
2026-04-01 09:08
Modified
2026-03-28 10:16
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.78.0-r0, 1.78.0-r2, 1.78.0-r3
Details
Multiple security vulnerabilities affect the prometheus-redis-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-redis-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.78.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-redis-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BK44511",
"modified": "2026-03-28T10:16:01Z",
"published": "2026-04-01T09:08:47.105116Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BK44511.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.78.0-r0, 1.78.0-r2, 1.78.0-r3",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-do31246
Vulnerability from cleanstart
Published
2026-04-30 01:04
Modified
2026-04-29 07:38
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "terragrunt-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.95.1-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the terragrunt-fips package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DO31246",
"modified": "2026-04-29T07:38:43Z",
"published": "2026-04-30T01:04:59.604515Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DO31246.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-4660"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-3xc5-wrhm-f963"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6g7g-w4f8-9c9x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-92mm-2pjq-r785"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-w8rr-5gcm-pp58"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32285"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39882"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4660"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32285",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-39882",
"CVE-2026-4660",
"ghsa-3xc5-wrhm-f963",
"ghsa-6g7g-w4f8-9c9x",
"ghsa-92mm-2pjq-r785",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fw7p-63qq-7hpr",
"ghsa-q9hv-hpm4-hj6x",
"ghsa-w8rr-5gcm-pp58"
]
}
cleanstart-2026-ph90623
Vulnerability from cleanstart
Published
2026-01-30 14:49
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.87.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PH90623",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:49:52.682724Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PH90623"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-sw55801
Vulnerability from cleanstart
Published
2026-01-30 16:24
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the stakater-reloader package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.8-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-SW55801",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:24:55.642434Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SW55801.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-fu47971
Vulnerability from cleanstart
Published
2026-04-07 00:47
Modified
2026-04-06 13:01
Summary
protojson
Details
Multiple security vulnerabilities affect the prometheus-node-exporter package. The protojson. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-node-exporter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-node-exporter package. The protojson. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FU47971",
"modified": "2026-04-06T13:01:42Z",
"published": "2026-04-07T00:47:07.546790Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FU47971.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-24786"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cgrx-mc8f-2prm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v778-237x-gjrc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "protojson",
"upstream": [
"CVE-2024-24786",
"CVE-2025-22871",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-6v2p-p543-phr9",
"ghsa-cgrx-mc8f-2prm",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-hcg3-q754-cr77",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-v778-237x-gjrc",
"ghsa-vvgc-356p-c3xw"
]
}
cleanstart-2026-om95908
Vulnerability from cleanstart
Published
2026-04-01 09:38
Modified
2026-03-20 04:48
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-r92c-9c7f-3pj8, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.11.4-r0, 1.11.5-r0, 1.11.5-r1, 1.11.5-r2, 1.9.4-r0
Details
Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OM95908",
"modified": "2026-03-20T04:48:45Z",
"published": "2026-04-01T09:38:28.220463Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OM95908.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-c6gw-w398-hv78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jc7w-c686-c4v9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-mh63-6h87-95cp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-r92c-9c7f-3pj8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-wjrx-6529-hcj3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-6v2p-p543-phr9, ghsa-c6gw-w398-hv78, ghsa-fv92-fjc5-jj9h, ghsa-hcg3-q754-cr77, ghsa-jc7w-c686-c4v9, ghsa-mh63-6h87-95cp, ghsa-p77j-4mvh-x3m3, ghsa-qxp5-gwg8-xv66, ghsa-r92c-9c7f-3pj8, ghsa-vvgc-356p-c3xw, ghsa-wjrx-6529-hcj3 applied in versions: 1.10.7-r0, 1.10.7-r1, 1.11.4-r0, 1.11.5-r0, 1.11.5-r1, 1.11.5-r2, 1.9.4-r0",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-6v2p-p543-phr9",
"ghsa-c6gw-w398-hv78",
"ghsa-fv92-fjc5-jj9h",
"ghsa-hcg3-q754-cr77",
"ghsa-jc7w-c686-c4v9",
"ghsa-mh63-6h87-95cp",
"ghsa-p77j-4mvh-x3m3",
"ghsa-qxp5-gwg8-xv66",
"ghsa-r92c-9c7f-3pj8",
"ghsa-vvgc-356p-c3xw",
"ghsa-wjrx-6529-hcj3"
]
}
cleanstart-2026-jm84344
Vulnerability from cleanstart
Published
2026-01-30 15:33
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the external-secrets package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the external-secrets package. Within HostnameError.",
"id": "CLEANSTART-2026-JM84344",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:33:53.700265Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JM84344"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-qz70444
Vulnerability from cleanstart
Published
2026-01-30 17:24
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-QZ70444",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:24:26.605623Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-QZ70444"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-JC7W-C686-C4V9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-WJRX-6529-HCJ3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-6V2P-P543-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-HCG3-Q754-CR77",
"GHSA-JC7W-C686-C4V9",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW",
"GHSA-WJRX-6529-HCJ3"
]
}
cleanstart-2026-dd39330
Vulnerability from cleanstart
Published
2026-01-30 14:53
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the multus-cni-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "multus-cni-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.4-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the multus-cni-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DD39330",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:53:22.793144Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DD39330"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-nx54250
Vulnerability from cleanstart
Published
2026-04-10 01:03
Modified
2026-04-09 09:59
Summary
During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions
Details
Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "gitness"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.3.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the gitness package. During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NX54250",
"modified": "2026-04-09T09:59:33Z",
"published": "2026-04-10T01:03:29.003448Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NX54250.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-35172"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4vq8-7jfc-9cvp"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vrw8-fxc6-2r93"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22868"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30153"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33540"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35172"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During chain building, the amount of work that is done is not correctly limited when a large number of intermediate certificates are passed in VerifyOptions",
"upstream": [
"CVE-2025-22868",
"CVE-2025-30153",
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33540",
"CVE-2026-33810",
"CVE-2026-35172",
"ghsa-4vq8-7jfc-9cvp",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-vrw8-fxc6-2r93"
]
}
cleanstart-2026-vg57433
Vulnerability from cleanstart
Published
2026-02-17 00:39
Modified
2026-02-16 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.9-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VG57433",
"modified": "2026-02-16T09:23:22Z",
"published": "2026-02-17T00:39:45.599344Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VG57433.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729",
"GHSA-2464-8j7c-4cjm",
"GHSA-2x5j-vhc8-9cwm",
"GHSA-fv92-fjc5-jj9h"
]
}
cleanstart-2026-oa82425
Vulnerability from cleanstart
Published
2026-02-25 00:44
Modified
2026-02-24 09:23
Summary
go-git is a highly extensible git implementation library written in pure Go
Details
Multiple security vulnerabilities affect the argo-workflows package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.9-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-OA82425",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:44:42.034173Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OA82425"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-37CX-329C-33X3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-git is a highly extensible git implementation library written in pure Go",
"upstream": [
"CVE-2025-61729",
"CVE-2026-25934",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-37CX-329C-33X3",
"GHSA-FV92-FJC5-JJ9H"
]
}
cleanstart-2026-uq43569
Vulnerability from cleanstart
Published
2026-02-25 00:44
Modified
2026-02-24 09:23
Summary
go-git is a highly extensible git implementation library written in pure Go
Details
Multiple security vulnerabilities affect the argo-workflows package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. go-git is a highly extensible git implementation library written in pure Go. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UQ43569",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:44:12.116432Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UQ43569.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "go-git is a highly extensible git implementation library written in pure Go",
"upstream": [
"CVE-2025-61729",
"CVE-2026-25934",
"GHSA-2464-8j7c-4cjm",
"GHSA-2x5j-vhc8-9cwm",
"GHSA-37cx-329c-33x3",
"GHSA-fv92-fjc5-jj9h"
]
}
cleanstart-2026-pf41398
Vulnerability from cleanstart
Published
2026-04-01 10:07
Modified
2026-03-06 05:33
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121 applied in versions: 3.19.0-r0, 3.19.5-r0, 4.0.1-r0
Details
Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PF41398",
"modified": "2026-03-06T05:33:23Z",
"published": "2026-04-01T10:07:15.004853Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PF41398.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2025-61732, CVE-2025-68121 applied in versions: 3.19.0-r0, 3.19.5-r0, 4.0.1-r0",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121"
]
}
cleanstart-2026-mk10646
Vulnerability from cleanstart
Published
2026-04-01 09:24
Modified
2026-03-24 12:53
Summary
Security fixes for CVE-2025-61729, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-9h8m-3fm2-qjrq, ghsa-fv92-fjc5-jj9h, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x applied in versions: 3.6.16-r0, 3.7.4-r0, 3.7.9-r0, 3.7.9-r1
Details
Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "argo-workflows"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.7.9-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the argo-workflows package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MK10646",
"modified": "2026-03-24T12:53:01Z",
"published": "2026-04-01T09:24:40.606937Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MK10646.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2464-8j7c-4cjm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-2x5j-vhc8-9cwm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-37cx-329c-33x3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fv92-fjc5-jj9h"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q9hv-hpm4-hj6x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25934"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729, CVE-2026-25679, CVE-2026-25934, CVE-2026-27139, CVE-2026-27142, ghsa-2464-8j7c-4cjm, ghsa-2x5j-vhc8-9cwm, ghsa-37cx-329c-33x3, ghsa-9h8m-3fm2-qjrq, ghsa-fv92-fjc5-jj9h, ghsa-fw7p-63qq-7hpr, ghsa-p77j-4mvh-x3m3, ghsa-q9hv-hpm4-hj6x applied in versions: 3.6.16-r0, 3.7.4-r0, 3.7.9-r0, 3.7.9-r1",
"upstream": [
"CVE-2025-61729",
"CVE-2026-25679",
"CVE-2026-25934",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-2464-8j7c-4cjm",
"ghsa-2x5j-vhc8-9cwm",
"ghsa-37cx-329c-33x3",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-fv92-fjc5-jj9h",
"ghsa-fw7p-63qq-7hpr",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q9hv-hpm4-hj6x"
]
}
cleanstart-2026-kg18353
Vulnerability from cleanstart
Published
2026-01-30 14:02
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.33.6-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-KG18353",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:02:50.542288Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-KG18353"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ok45738
Vulnerability from cleanstart
Published
2026-01-30 15:45
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the cert-manager package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the cert-manager package. Within HostnameError.",
"id": "CLEANSTART-2026-OK45738",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:45:53.967263Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OK45738"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-so16176
Vulnerability from cleanstart
Published
2026-01-30 15:39
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "consul-k8s-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the consul-k8s-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-SO16176",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:39:24.255623Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SO16176.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47903"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-22871",
"CVE-2025-47903",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ls00044
Vulnerability from cleanstart
Published
2026-04-01 09:38
Modified
2026-03-20 11:37
Summary
Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-54410, CVE-2025-58181, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.3.2-r4, 2.3.2-r5, 2.4.4-r2, 2.5.0-r0, 2.5.0-r1
Details
Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LS00044",
"modified": "2026-03-20T11:37:58Z",
"published": "2026-04-01T09:38:02.432087Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LS00044.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-54410"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54410"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-54410, CVE-2025-58181, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.3.2-r4, 2.3.2-r5, 2.4.4-r2, 2.5.0-r0, 2.5.0-r1",
"upstream": [
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-54410",
"CVE-2025-58181",
"CVE-2025-58190",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-pk62208
Vulnerability from cleanstart
Published
2026-01-30 16:20
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "stakater-reloader-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the stakater-reloader-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-PK62208",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:20:55.127319Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-PK62208"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-sv79070
Vulnerability from cleanstart
Published
2026-01-30 15:47
Modified
2026-01-29 18:58
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.24.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-SV79070",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:47:54.520743Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-SV79070.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-ha09227
Vulnerability from cleanstart
Published
2026-04-01 09:19
Modified
2026-03-25 14:21
Summary
Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.18.0-r0, 0.18.0-r1
Details
Multiple security vulnerabilities affect the external-dns package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-dns"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the external-dns package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HA09227",
"modified": "2026-03-25T14:21:54Z",
"published": "2026-04-01T09:19:28.951475Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HA09227.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27137"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27138"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27138"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58190, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27137, CVE-2026-27138, CVE-2026-27139, CVE-2026-27141, CVE-2026-27142, CVE-2026-33186, ghsa-f6x5-jh6r-wrfv, ghsa-j5w8-q4qc-rx2x applied in versions: 0.18.0-r0, 0.18.0-r1",
"upstream": [
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58190",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27137",
"CVE-2026-27138",
"CVE-2026-27139",
"CVE-2026-27141",
"CVE-2026-27142",
"CVE-2026-33186",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-ce02533
Vulnerability from cleanstart
Published
2026-04-01 09:21
Modified
2026-03-25 10:51
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2025-62820, CVE-2026-30836, CVE-2026-33186, ghsa-p77j-4mvh-x3m3, ghsa-q4r8-xm5f-56gw applied in versions: 0.10.1-r0, 0.9.10-r0, 0.9.9-r0, 0.9.9-r1
Details
Multiple security vulnerabilities affect the step-issuer package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step-issuer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.9-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step-issuer package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CE02533",
"modified": "2026-03-25T10:51:25Z",
"published": "2026-04-01T09:21:33.459909Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CE02533.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-30836"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-q4r8-xm5f-56gw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30836"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2025-62820, CVE-2026-30836, CVE-2026-33186, ghsa-p77j-4mvh-x3m3, ghsa-q4r8-xm5f-56gw applied in versions: 0.10.1-r0, 0.9.10-r0, 0.9.9-r0, 0.9.9-r1",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2025-62820",
"CVE-2026-30836",
"CVE-2026-33186",
"ghsa-p77j-4mvh-x3m3",
"ghsa-q4r8-xm5f-56gw"
]
}
cleanstart-2026-nl96892
Vulnerability from cleanstart
Published
2026-01-30 16:31
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.33.6-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NL96892",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:31:25.336110Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NL96892"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-tr92727
Vulnerability from cleanstart
Published
2026-02-13 00:41
Modified
2026-02-12 13:07
Summary
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...
Details
Multiple security vulnerabilities affect the prometheus-operator-fips package. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.88.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-operator-fips package. During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TR92727",
"modified": "2026-02-12T13:07:54Z",
"published": "2026-02-13T00:41:14.875956Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TR92727.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succ...",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"GHSA-f6x5-jh6r-wrfv",
"GHSA-j5w8-q4qc-rx2x"
]
}
cleanstart-2026-vl83369
Vulnerability from cleanstart
Published
2026-01-30 15:03
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-state-metrics-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.15.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-state-metrics-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VL83369",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:03:53.758258Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VL83369.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6v2p-p543-phr9",
"GHSA-hcg3-q754-cr77",
"GHSA-qxp5-gwg8-xv66",
"GHSA-vvgc-356p-c3xw"
]
}
cleanstart-2026-iy17697
Vulnerability from cleanstart
Published
2026-01-30 16:37
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "elastic-beats-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IY17697",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:37:55.497960Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IY17697"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-32FW-GQ77-F2F2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-47913",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-32FW-GQ77-F2F2",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-id24148
Vulnerability from cleanstart
Published
2026-04-01 09:27
Modified
2026-03-24 04:58
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-33186 applied in versions: 0.28.7-r1, 0.29.0-r0, 0.30.0-r0
Details
Multiple security vulnerabilities affect the step package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.30.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ID24148",
"modified": "2026-03-24T04:58:10Z",
"published": "2026-04-01T09:27:05.843609Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ID24148.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-33186 applied in versions: 0.28.7-r1, 0.29.0-r0, 0.30.0-r0",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2026-33186"
]
}
cleanstart-2026-jt73156
Vulnerability from cleanstart
Published
2026-04-11 00:42
Modified
2026-04-10 12:27
Summary
protojson
Details
Multiple security vulnerabilities affect the prometheus-node-exporter package. The protojson. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-node-exporter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.8.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-node-exporter package. The protojson. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JT73156",
"modified": "2026-04-10T12:27:18Z",
"published": "2026-04-11T00:42:17.168521Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JT73156.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2024-24786"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-cgrx-mc8f-2prm"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-hcg3-q754-cr77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-qxp5-gwg8-xv66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-v778-237x-gjrc"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-vvgc-356p-c3xw"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-22871"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "protojson",
"upstream": [
"CVE-2024-24786",
"CVE-2025-22871",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-6v2p-p543-phr9",
"ghsa-cgrx-mc8f-2prm",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-hcg3-q754-cr77",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-qxp5-gwg8-xv66",
"ghsa-v778-237x-gjrc",
"ghsa-vvgc-356p-c3xw"
]
}
cleanstart-2026-cf63743
Vulnerability from cleanstart
Published
2026-04-01 09:12
Modified
2026-03-28 09:39
Summary
Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.34.2-r0, 1.34.6-r0
Details
Multiple security vulnerabilities affect the kubernetes package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.34.6-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-CF63743",
"modified": "2026-03-28T09:39:54Z",
"published": "2026-04-01T09:12:16.516536Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CF63743.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p77j-4mvh-x3m3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-33186, ghsa-9h8m-3fm2-qjrq, ghsa-p77j-4mvh-x3m3 applied in versions: 1.34.2-r0, 1.34.6-r0",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-33186",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-p77j-4mvh-x3m3"
]
}
cleanstart-2026-lz10721
Vulnerability from cleanstart
Published
2026-01-30 16:40
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the druid-exporter-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "druid-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.11-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the druid-exporter-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LZ10721",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:40:55.517816Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LZ10721"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-4F99-4Q7P-P3GH"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2022-29526",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-4F99-4Q7P-P3GH"
]
}
cleanstart-2026-el98016
Vulnerability from cleanstart
Published
2026-01-30 15:23
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.19.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-EL98016",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:23:23.257385Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-EL98016"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-qe58701
Vulnerability from cleanstart
Published
2026-01-30 16:22
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-node-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-node-exporter-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-QE58701",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:22:55.193625Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-QE58701"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-CGRX-MC8F-2PRM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-CGRX-MC8F-2PRM",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X",
"GHSA-VVGC-356P-C3XW"
]
}
cleanstart-2026-gl18398
Vulnerability from cleanstart
Published
2026-01-30 16:36
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "elastic-beats-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "9.2.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the elastic-beats-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GL18398",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:36:55.508939Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GL18398"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-32FW-GQ77-F2F2"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-F6X5-JH6R-WRFV"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-J5W8-Q4QC-RX2X"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-47913",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-32FW-GQ77-F2F2",
"GHSA-F6X5-JH6R-WRFV",
"GHSA-J5W8-Q4QC-RX2X"
]
}
cleanstart-2026-li04631
Vulnerability from cleanstart
Published
2026-04-01 09:08
Modified
2026-03-28 10:16
Summary
Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.79.0-r0, 1.79.0-r2, 1.79.0-r3
Details
Multiple security vulnerabilities affect the prometheus-redis-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-redis-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.79.0-r3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the prometheus-redis-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-LI04631",
"modified": "2026-03-28T10:16:19Z",
"published": "2026-04-01T09:08:44.082129Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-LI04631.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-61732, CVE-2025-68119, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142 applied in versions: 1.79.0-r0, 1.79.0-r2, 1.79.0-r3",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142"
]
}
cleanstart-2026-bh03809
Vulnerability from cleanstart
Published
2026-01-30 15:04
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the kube-rbac-proxy-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-rbac-proxy-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.17.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-rbac-proxy-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-BH03809",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:04:53.009971Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-BH03809"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-aq75465
Vulnerability from cleanstart
Published
2026-04-01 09:50
Modified
2026-03-16 05:35
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-1229, CVE-2026-27141 applied in versions: 3.19.0-r0, 4.0.0-r0, 4.0.1-r0, 4.1.1-r1
Details
Multiple security vulnerabilities affect the helm package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.1.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AQ75465",
"modified": "2026-03-16T05:35:26Z",
"published": "2026-04-01T09:50:20.419820Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AQ75465.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-1229, CVE-2026-27141 applied in versions: 3.19.0-r0, 4.0.0-r0, 4.0.1-r0, 4.1.1-r1",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2026-1229",
"CVE-2026-27141"
]
}
cleanstart-2026-nv78596
Vulnerability from cleanstart
Published
2026-04-01 09:32
Modified
2026-03-23 07:34
Summary
Security fixes for CVE-2022-29526, CVE-2025-47907, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-4f99-4q7p-p3gh applied in versions: 0.10-r0, 0.11-r0, 0.11-r2, 0.11-r3, 0.11-r4
Details
Multiple security vulnerabilities affect the druid-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "druid-exporter-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.11-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the druid-exporter-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NV78596",
"modified": "2026-03-23T07:34:57Z",
"published": "2026-04-01T09:32:41.363681Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NV78596.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4f99-4q7p-p3gh"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29526"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24515"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25210"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2022-29526, CVE-2025-47907, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61726, CVE-2025-61727, CVE-2025-61728, CVE-2025-61729, CVE-2025-61730, CVE-2025-68121, CVE-2026-24515, CVE-2026-25210, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-4f99-4q7p-p3gh applied in versions: 0.10-r0, 0.11-r0, 0.11-r2, 0.11-r3, 0.11-r4",
"upstream": [
"CVE-2022-29526",
"CVE-2025-47907",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68121",
"CVE-2026-24515",
"CVE-2026-25210",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-4f99-4q7p-p3gh"
]
}
cleanstart-2026-do54415
Vulnerability from cleanstart
Published
2026-01-30 15:33
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the external-secrets package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "external-secrets"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the external-secrets package. Within HostnameError.",
"id": "CLEANSTART-2026-DO54415",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:33:23.703184Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DO54415"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-az24638
Vulnerability from cleanstart
Published
2026-01-30 17:22
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-AZ24638",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T17:22:56.881050Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-AZ24638"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-JC7W-C686-C4V9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-WJRX-6529-HCJ3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-6V2P-P543-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-HCG3-Q754-CR77",
"GHSA-JC7W-C686-C4V9",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-VVGC-356P-C3XW",
"GHSA-WJRX-6529-HCJ3"
]
}
cleanstart-2026-uy85485
Vulnerability from cleanstart
Published
2026-01-30 14:45
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the vault-k8s package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "vault-k8s"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.7.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the vault-k8s package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UY85485",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:45:52.628542Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UY85485.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-ur80185
Vulnerability from cleanstart
Published
2026-01-30 15:30
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "3.19.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UR80185",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:30:24.609590Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UR80185.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-fj56296
Vulnerability from cleanstart
Published
2026-01-30 15:45
Modified
2026-01-29 18:58
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.26.2-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FJ56296",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:45:23.960354Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FJ56296"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-co80279
Vulnerability from cleanstart
Published
2026-01-30 15:02
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Security vulnerability affects the kube-vip package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-vip"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the kube-vip package. Within HostnameError.",
"id": "CLEANSTART-2026-CO80279",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:02:52.896368Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-CO80279"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-fb07695
Vulnerability from cleanstart
Published
2026-04-15 00:45
Modified
2026-04-14 11:38
Summary
When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint
Details
Multiple security vulnerabilities affect the velero-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "velero-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.17.2-r5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the velero-fips package. When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-FB07695",
"modified": "2026-04-14T11:38:13Z",
"published": "2026-04-15T00:45:38.848496Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-FB07695.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-39883"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-xmrv-pmrh-hhx2"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32289"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39883"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "When verifying a certificate chain containing excluded DNS constraints, these constraints are not correctly applied to wildcard DNS SANs which use a different case than the constraint",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-32280",
"CVE-2026-32281",
"CVE-2026-32282",
"CVE-2026-32283",
"CVE-2026-32289",
"CVE-2026-33186",
"CVE-2026-33810",
"CVE-2026-34986",
"CVE-2026-39883",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-xmrv-pmrh-hhx2"
]
}
cleanstart-2026-vc16841
Vulnerability from cleanstart
Published
2026-01-30 15:02
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kyverno"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.16.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kyverno package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VC16841",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:02:22.944744Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VC16841.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-zp68963
Vulnerability from cleanstart
Published
2026-01-30 15:47
Modified
2026-01-29 18:58
Summary
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.25.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-ZP68963",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:47:54.288582Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-ZP68963.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-nc32267
Vulnerability from cleanstart
Published
2026-04-01 09:31
Modified
2026-03-23 07:39
Summary
Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.24.4-r0, 1.28.1-r0, 1.28.1-r1
Details
Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cloudnative-pg-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.28.1-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cloudnative-pg-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NC32267",
"modified": "2026-03-23T07:39:20Z",
"published": "2026-04-01T09:31:06.582607Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NC32267.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-61727, CVE-2025-61729, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 1.24.4-r0, 1.28.1-r0, 1.28.1-r1",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-hx97842
Vulnerability from cleanstart
Published
2026-04-01 09:37
Modified
2026-03-20 11:37
Summary
Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-54410, CVE-2025-58181, CVE-2025-58190, CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.2.2-r6, 2.3.2-r4, 2.4.4-r2, 2.5.0-r0, 2.5.0-r1
Details
Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.0-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HX97842",
"modified": "2026-03-20T11:37:58Z",
"published": "2026-04-01T09:37:55.704076Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HX97842.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-54410"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47911"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-54410"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58190"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1229"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26958"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47911, CVE-2025-47913, CVE-2025-47914, CVE-2025-54410, CVE-2025-58181, CVE-2025-58190, CVE-2025-61727, CVE-2025-61729, CVE-2025-68121, CVE-2026-1229, CVE-2026-24051, CVE-2026-25679, CVE-2026-26958, CVE-2026-27139, CVE-2026-27142, CVE-2026-33186 applied in versions: 2.2.2-r6, 2.3.2-r4, 2.4.4-r2, 2.5.0-r0, 2.5.0-r1",
"upstream": [
"CVE-2025-47911",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-54410",
"CVE-2025-58181",
"CVE-2025-58190",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2025-68121",
"CVE-2026-1229",
"CVE-2026-24051",
"CVE-2026-25679",
"CVE-2026-26958",
"CVE-2026-27139",
"CVE-2026-27142",
"CVE-2026-33186"
]
}
cleanstart-2026-xb34574
Vulnerability from cleanstart
Published
2026-02-11 00:40
Modified
2026-02-10 22:11
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "istio-pilot-discovery-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.28.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the istio-pilot-discovery-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-XB34574",
"modified": "2026-02-10T22:11:02Z",
"published": "2026-02-11T00:40:59.223419Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-XB34574.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-jj09127
Vulnerability from cleanstart
Published
2026-04-01 09:26
Modified
2026-03-24 04:58
Summary
Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-33186 applied in versions: 0.28.7-r1, 0.29.0-r0, 0.30.0-r0
Details
Multiple security vulnerabilities affect the step-cli package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step-cli"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.30.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step-cli package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-JJ09127",
"modified": "2026-03-24T04:58:10Z",
"published": "2026-04-01T09:26:20.691727Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-JJ09127.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-33186"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61729, CVE-2026-33186 applied in versions: 0.28.7-r1, 0.29.0-r0, 0.30.0-r0",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2026-33186"
]
}
cleanstart-2026-ds01292
Vulnerability from cleanstart
Published
2026-04-01 10:03
Modified
2026-03-10 06:29
Summary
Security fixes for CVE-2025-47910, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-27141, ghsa-9h8m-3fm2-qjrq applied in versions: 1.19.1-r0, 1.19.2-r0, 1.19.2-r1
Details
Multiple security vulnerabilities affect the cert-manager-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "cert-manager-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the cert-manager-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-DS01292",
"modified": "2026-03-10T06:29:01Z",
"published": "2026-04-01T10:03:13.135534Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DS01292.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27141"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47910"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24051"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27141"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-47910, CVE-2025-47913, CVE-2025-47914, CVE-2025-58181, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2025-61727, CVE-2025-61729, CVE-2026-24051, CVE-2026-27141, ghsa-9h8m-3fm2-qjrq applied in versions: 1.19.1-r0, 1.19.2-r0, 1.19.2-r1",
"upstream": [
"CVE-2025-47910",
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729",
"CVE-2026-24051",
"CVE-2026-27141",
"ghsa-9h8m-3fm2-qjrq"
]
}
cleanstart-2026-vi85055
Vulnerability from cleanstart
Published
2026-02-25 00:51
Modified
2026-02-24 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VI85055",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:51:12.873948Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VI85055.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729"
]
}
cleanstart-2026-od98869
Vulnerability from cleanstart
Published
2026-03-10 00:59
Modified
2026-03-09 13:15
Summary
Within HostnameError
Details
Security vulnerability affects the trust-manager package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "trust-manager"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.20.2-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the trust-manager package. Within HostnameError.",
"id": "CLEANSTART-2026-OD98869",
"modified": "2026-03-09T13:15:34Z",
"published": "2026-03-10T00:59:05.580952Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-OD98869"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-dt66006
Vulnerability from cleanstart
Published
2026-03-10 00:58
Modified
2026-03-09 13:15
Summary
Within HostnameError
Details
Security vulnerability affects the prometheus-redis-exporter package. Within HostnameError.
Severity
9.8 (Critical)
References
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "prometheus-redis-exporter"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.80.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Security vulnerability affects the prometheus-redis-exporter package. Within HostnameError.",
"id": "CLEANSTART-2026-DT66006",
"modified": "2026-03-09T13:15:34Z",
"published": "2026-03-10T00:58:35.493841Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-DT66006"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61729"
]
}
cleanstart-2026-ib05679
Vulnerability from cleanstart
Published
2026-01-30 15:06
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "k8ssandra-operator-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.26.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the k8ssandra-operator-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IB05679",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:06:23.436295Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IB05679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4673"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-0913",
"CVE-2025-4673",
"CVE-2025-47907",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-vz85637
Vulnerability from cleanstart
Published
2026-02-25 00:50
Modified
2026-02-24 09:23
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "helm-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.0.1-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the helm-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-VZ85637",
"modified": "2026-02-24T09:23:19Z",
"published": "2026-02-25T00:50:42.986205Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-VZ85637.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-gs30434
Vulnerability from cleanstart
Published
2026-01-30 14:35
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.32.10-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GS30434",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:35:22.588418Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GS30434"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6V2P-P543-PHR9"
]
}
cleanstart-2026-yk82785
Vulnerability from cleanstart
Published
2026-01-30 14:01
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.31.14-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-YK82785",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:01:20.108833Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-YK82785.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6v2p-p543-phr9"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-6v2p-p543-phr9"
]
}
cleanstart-2026-gg58376
Vulnerability from cleanstart
Published
2026-02-17 00:41
Modified
2026-02-16 09:23
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "opentofu-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.9.4-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the opentofu-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-GG58376",
"modified": "2026-02-16T09:23:22Z",
"published": "2026-02-17T00:41:15.939977Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-GG58376"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2464-8J7C-4CJM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-2X5J-VHC8-9CWM"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-6V2P-P543-PHR9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-C6GW-W398-HV78"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-FV92-FJC5-JJ9H"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-HCG3-Q754-CR77"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-JC7W-C686-C4V9"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-MH63-6H87-95CP"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-QXP5-GWG8-XV66"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-R92C-9C7F-3PJ8"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-VVGC-356P-C3XW"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/GHSA-WJRX-6529-HCJ3"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47914"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58181"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-47913",
"CVE-2025-47914",
"CVE-2025-58181",
"CVE-2025-61727",
"CVE-2025-61729",
"GHSA-2464-8J7C-4CJM",
"GHSA-2X5J-VHC8-9CWM",
"GHSA-6V2P-P543-PHR9",
"GHSA-C6GW-W398-HV78",
"GHSA-FV92-FJC5-JJ9H",
"GHSA-HCG3-Q754-CR77",
"GHSA-JC7W-C686-C4V9",
"GHSA-MH63-6H87-95CP",
"GHSA-QXP5-GWG8-XV66",
"GHSA-R92C-9C7F-3PJ8",
"GHSA-VVGC-356P-C3XW",
"GHSA-WJRX-6529-HCJ3"
]
}
cleanstart-2026-tj33788
Vulnerability from cleanstart
Published
2026-02-10 00:39
Modified
2026-02-09 12:51
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the openbao-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "openbao-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.5.0-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the openbao-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-TJ33788",
"modified": "2026-02-09T12:51:17Z",
"published": "2026-02-10T00:39:24.476012Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-TJ33788.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-iy78242
Vulnerability from cleanstart
Published
2026-04-01 09:44
Modified
2026-03-19 06:58
Summary
Security fixes for CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-273p-m2cw-6833, ghsa-4c4x-jm2x-pf9j, ghsa-4qg8-fj49-pxjh, ghsa-59jp-pj84-45mr, ghsa-72c7-4g63-hpw5, ghsa-846p-jg2w-w324, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-f83f-xpx7-ffpw, ghsa-fcv2-xgw5-pqxf, ghsa-fphv-w9fq-2525, ghsa-fw7p-63qq-7hpr, ghsa-j5w8-q4qc-rx2x, ghsa-jqc5-w2xx-5vq4, ghsa-p436-gjf2-799p, ghsa-whqx-f9j3-ch6m applied in versions: 0.26.0-r0, 0.26.0-r1, 0.26.0-r2, 0.26.0-r3, 0.26.0-r4
Details
Multiple security vulnerabilities affect the tekton-chains-fips package. These issues are resolved in later releases. See references for individual vulnerability details.
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "tekton-chains-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.26.0-r4"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the tekton-chains-fips package. These issues are resolved in later releases. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-IY78242",
"modified": "2026-03-19T06:58:14Z",
"published": "2026-04-01T09:44:29.089231Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-IY78242.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-273p-m2cw-6833"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4c4x-jm2x-pf9j"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-4qg8-fj49-pxjh"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-59jp-pj84-45mr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72c7-4g63-hpw5"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-846p-jg2w-w324"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-9h8m-3fm2-qjrq"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f6x5-jh6r-wrfv"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-f83f-xpx7-ffpw"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fcv2-xgw5-pqxf"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fphv-w9fq-2525"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-fw7p-63qq-7hpr"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-j5w8-q4qc-rx2x"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-jqc5-w2xx-5vq4"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-p436-gjf2-799p"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-whqx-f9j3-ch6m"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"summary": "Security fixes for CVE-2025-61729, CVE-2025-61732, CVE-2025-68121, CVE-2026-25679, CVE-2026-27139, CVE-2026-27142, ghsa-273p-m2cw-6833, ghsa-4c4x-jm2x-pf9j, ghsa-4qg8-fj49-pxjh, ghsa-59jp-pj84-45mr, ghsa-72c7-4g63-hpw5, ghsa-846p-jg2w-w324, ghsa-9h8m-3fm2-qjrq, ghsa-f6x5-jh6r-wrfv, ghsa-f83f-xpx7-ffpw, ghsa-fcv2-xgw5-pqxf, ghsa-fphv-w9fq-2525, ghsa-fw7p-63qq-7hpr, ghsa-j5w8-q4qc-rx2x, ghsa-jqc5-w2xx-5vq4, ghsa-p436-gjf2-799p, ghsa-whqx-f9j3-ch6m applied in versions: 0.26.0-r0, 0.26.0-r1, 0.26.0-r2, 0.26.0-r3, 0.26.0-r4",
"upstream": [
"CVE-2025-61729",
"CVE-2025-61732",
"CVE-2025-68121",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-273p-m2cw-6833",
"ghsa-4c4x-jm2x-pf9j",
"ghsa-4qg8-fj49-pxjh",
"ghsa-59jp-pj84-45mr",
"ghsa-72c7-4g63-hpw5",
"ghsa-846p-jg2w-w324",
"ghsa-9h8m-3fm2-qjrq",
"ghsa-f6x5-jh6r-wrfv",
"ghsa-f83f-xpx7-ffpw",
"ghsa-fcv2-xgw5-pqxf",
"ghsa-fphv-w9fq-2525",
"ghsa-fw7p-63qq-7hpr",
"ghsa-j5w8-q4qc-rx2x",
"ghsa-jqc5-w2xx-5vq4",
"ghsa-p436-gjf2-799p",
"ghsa-whqx-f9j3-ch6m"
]
}
cleanstart-2026-mi26039
Vulnerability from cleanstart
Published
2026-01-30 14:49
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the step-issuer package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "step-issuer"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.9.9-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the step-issuer package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-MI26039",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T14:49:22.768843Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-MI26039"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-62820"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58185"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58187"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58188"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58189"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61723"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61724"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61725"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62820"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-58183",
"CVE-2025-58185",
"CVE-2025-58187",
"CVE-2025-58188",
"CVE-2025-58189",
"CVE-2025-61723",
"CVE-2025-61724",
"CVE-2025-61725",
"CVE-2025-61729",
"CVE-2025-62820"
]
}
cleanstart-2026-hq78610
Vulnerability from cleanstart
Published
2026-04-25 00:45
Modified
2026-04-24 22:46
Summary
Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java
Details
Multiple security vulnerabilities affect the trino package. Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. See references for individual vulnerability details.
Severity
9.8 (Critical)
References
| URL | Type | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "trino"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "479-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the trino package. Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-HQ78610",
"modified": "2026-04-24T22:46:48Z",
"published": "2026-04-25T00:45:02.559999Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-HQ78610.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-67721"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1225"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-1605"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2026-27142"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/ghsa-72hv-8253-57qq"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61730"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67721"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68119"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1225"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1605"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27139"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27142"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java",
"upstream": [
"CVE-2025-61726",
"CVE-2025-61727",
"CVE-2025-61728",
"CVE-2025-61729",
"CVE-2025-61730",
"CVE-2025-61732",
"CVE-2025-67721",
"CVE-2025-68119",
"CVE-2025-68121",
"CVE-2026-1225",
"CVE-2026-1605",
"CVE-2026-25679",
"CVE-2026-27139",
"CVE-2026-27142",
"ghsa-72hv-8253-57qq"
]
}
cleanstart-2026-nv82543
Vulnerability from cleanstart
Published
2026-01-30 16:29
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "metrics-server-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.6.4-r1"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the metrics-server-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-NV82543",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:29:25.549030Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-NV82543"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-rt10702
Vulnerability from cleanstart
Published
2026-01-30 16:30
Modified
2026-01-29 18:58
Summary
Within HostnameError
Details
Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kubernetes-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1.32.10-r0"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kubernetes-fips package. Within HostnameError. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-RT10702",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T16:30:25.697056Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-RT10702.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "Within HostnameError",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
cleanstart-2026-uj17204
Vulnerability from cleanstart
Published
2026-01-30 15:03
Modified
2026-01-29 18:58
Summary
excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
Details
Multiple security vulnerabilities affect the kube-rbac-proxy-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.
Severity
9.8 (Critical)
{
"affected": [
{
"package": {
"ecosystem": "CleanStart",
"name": "kube-rbac-proxy-fips"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "0.18.2-r2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"credits": [],
"database_specific": {},
"details": "Multiple security vulnerabilities affect the kube-rbac-proxy-fips package. An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. See references for individual vulnerability details.",
"id": "CLEANSTART-2026-UJ17204",
"modified": "2026-01-29T18:58:54Z",
"published": "2026-01-30T15:03:52.998379Z",
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cleanstart-dev/cleanstart-security-advisories/tree/main/advisories/2026/CLEANSTART-2026-UJ17204.json"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://osv.dev/vulnerability/CVE-2025-61729"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61727"
},
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
}
],
"related": [],
"schema_version": "1.7.3",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate",
"upstream": [
"CVE-2025-61727",
"CVE-2025-61729"
]
}
RHSA-2026:3833
Vulnerability from csaf_redhat - Published: 2026-03-05 08:23 - Updated: 2026-05-07 08:12Summary
Red Hat Security Advisory: grafana security update
Severity
Important
Notes
Topic: An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3833
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3833
Workaround
To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3833
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3833
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3833",
"url": "https://access.redhat.com/errata/RHSA-2026:3833"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3833.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2026-05-07T08:12:53+00:00",
"generator": {
"date": "2026-05-07T08:12:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:3833",
"initial_release_date": "2026-03-05T08:23:57+00:00",
"revision_history": [
{
"date": "2026-03-05T08:23:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-05T08:23:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T08:12:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-18.el9_6.src",
"product": {
"name": "grafana-0:10.2.6-18.el9_6.src",
"product_id": "grafana-0:10.2.6-18.el9_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-18.el9_6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-18.el9_6.aarch64",
"product": {
"name": "grafana-0:10.2.6-18.el9_6.aarch64",
"product_id": "grafana-0:10.2.6-18.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-18.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"product": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"product_id": "grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-18.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"product": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"product_id": "grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-18.el9_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"product_id": "grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-18.el9_6?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-18.el9_6.ppc64le",
"product": {
"name": "grafana-0:10.2.6-18.el9_6.ppc64le",
"product_id": "grafana-0:10.2.6-18.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-18.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"product": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"product_id": "grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-18.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"product": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"product_id": "grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-18.el9_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"product": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"product_id": "grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-18.el9_6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-18.el9_6.x86_64",
"product": {
"name": "grafana-0:10.2.6-18.el9_6.x86_64",
"product_id": "grafana-0:10.2.6-18.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-18.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-18.el9_6.x86_64",
"product": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.x86_64",
"product_id": "grafana-selinux-0:10.2.6-18.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-18.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"product": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"product_id": "grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-18.el9_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"product_id": "grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-18.el9_6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-18.el9_6.s390x",
"product": {
"name": "grafana-0:10.2.6-18.el9_6.s390x",
"product_id": "grafana-0:10.2.6-18.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-18.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-18.el9_6.s390x",
"product": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.s390x",
"product_id": "grafana-selinux-0:10.2.6-18.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-18.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"product": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"product_id": "grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-18.el9_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"product": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"product_id": "grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-18.el9_6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-18.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64"
},
"product_reference": "grafana-0:10.2.6-18.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-18.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le"
},
"product_reference": "grafana-0:10.2.6-18.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-18.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x"
},
"product_reference": "grafana-0:10.2.6-18.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-18.el9_6.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src"
},
"product_reference": "grafana-0:10.2.6-18.el9_6.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-18.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64"
},
"product_reference": "grafana-0:10.2.6-18.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le"
},
"product_reference": "grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x"
},
"product_reference": "grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-18.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64"
},
"product_reference": "grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le"
},
"product_reference": "grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x"
},
"product_reference": "grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-18.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64"
},
"product_reference": "grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64"
},
"product_reference": "grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le"
},
"product_reference": "grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x"
},
"product_reference": "grafana-selinux-0:10.2.6-18.el9_6.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-18.el9_6.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
},
"product_reference": "grafana-selinux-0:10.2.6-18.el9_6.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T08:23:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3833"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T08:23:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3833"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T08:23:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3833"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T08:23:57+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3833"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.src",
"AppStream-9.6.0.Z.EUS:grafana-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debuginfo-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-debugsource-0:10.2.6-18.el9_6.x86_64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.aarch64",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.ppc64le",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.s390x",
"AppStream-9.6.0.Z.EUS:grafana-selinux-0:10.2.6-18.el9_6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:3838
Vulnerability from csaf_redhat - Published: 2026-03-05 09:44 - Updated: 2026-05-07 07:30Summary
Red Hat Security Advisory: grafana security update
Severity
Important
Notes
Topic: An update for grafana is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3838
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3838
Workaround
To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3838
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3838",
"url": "https://access.redhat.com/errata/RHSA-2026:3838"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3838.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2026-05-07T07:30:11+00:00",
"generator": {
"date": "2026-05-07T07:30:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:3838",
"initial_release_date": "2026-03-05T09:44:33+00:00",
"revision_history": [
{
"date": "2026-03-05T09:44:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-05T09:44:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T07:30:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:7.5.15-9.el8_8.src",
"product": {
"name": "grafana-0:7.5.15-9.el8_8.src",
"product_id": "grafana-0:7.5.15-9.el8_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@7.5.15-9.el8_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:7.5.15-9.el8_8.ppc64le",
"product": {
"name": "grafana-0:7.5.15-9.el8_8.ppc64le",
"product_id": "grafana-0:7.5.15-9.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@7.5.15-9.el8_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"product": {
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"product_id": "grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@7.5.15-9.el8_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:7.5.15-9.el8_8.x86_64",
"product": {
"name": "grafana-0:7.5.15-9.el8_8.x86_64",
"product_id": "grafana-0:7.5.15-9.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@7.5.15-9.el8_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"product": {
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"product_id": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@7.5.15-9.el8_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:7.5.15-9.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le"
},
"product_reference": "grafana-0:7.5.15-9.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:7.5.15-9.el8_8.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src"
},
"product_reference": "grafana-0:7.5.15-9.el8_8.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:7.5.15-9.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64"
},
"product_reference": "grafana-0:7.5.15-9.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le"
},
"product_reference": "grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
},
"product_reference": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:7.5.15-9.el8_8.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src"
},
"product_reference": "grafana-0:7.5.15-9.el8_8.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:7.5.15-9.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64"
},
"product_reference": "grafana-0:7.5.15-9.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
},
"product_reference": "grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T09:44:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3838"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T09:44:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3838"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-05T09:44:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3838"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.E4S:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.ppc64le",
"AppStream-8.8.0.Z.E4S:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.src",
"AppStream-8.8.0.Z.TUS:grafana-0:7.5.15-9.el8_8.x86_64",
"AppStream-8.8.0.Z.TUS:grafana-debuginfo-0:7.5.15-9.el8_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:3970
Vulnerability from csaf_redhat - Published: 2026-03-09 01:29 - Updated: 2026-05-07 08:12Summary
Red Hat Security Advisory: rhc-worker-playbook security update
Severity
Important
Notes
Topic: An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: A worker for yggdrasil that receives Ansible playbooks and executes them against the local host.
Security Fix(es):
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3970
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3970
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2026:3970
References
| URL | Category | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rhc-worker-playbook is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A worker for yggdrasil that receives Ansible playbooks and executes them against the local host.\n\nSecurity Fix(es):\n\n* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:3970",
"url": "https://access.redhat.com/errata/RHSA-2026:3970"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_3970.json"
}
],
"title": "Red Hat Security Advisory: rhc-worker-playbook security update",
"tracking": {
"current_release_date": "2026-05-07T08:12:57+00:00",
"generator": {
"date": "2026-05-07T08:12:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:3970",
"initial_release_date": "2026-03-09T01:29:32+00:00",
"revision_history": [
{
"date": "2026-03-09T01:29:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-03-09T01:29:32+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T08:12:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"product_id": "rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-3.el10_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"product_id": "rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-3.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-3.el10_0?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-3.el10_0?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"product_id": "rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-3.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-3.el10_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-3.el10_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"product_id": "rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-3.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-3.el10_0?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-3.el10_0?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"product": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"product_id": "rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook@0.2.3-3.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64",
"product": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64",
"product_id": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debugsource@0.2.3-3.el10_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"product": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"product_id": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-worker-playbook-debuginfo@0.2.3-3.el10_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64"
},
"product_reference": "rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64"
},
"product_reference": "rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
},
"product_reference": "rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T01:29:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3970"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T01:29:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3970"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-03-09T01:29:32+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:3970"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.src",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debuginfo-0:0.2.3-3.el10_0.x86_64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.aarch64",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.ppc64le",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.s390x",
"AppStream-10.0.Z.E2S:rhc-worker-playbook-debugsource-0:0.2.3-3.el10_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:13542
Vulnerability from csaf_redhat - Published: 2026-05-04 16:50 - Updated: 2026-05-07 08:12Summary
Red Hat Security Advisory: multicluster engine for Kubernetes v2.10.2 security update
Severity
Important
Notes
Topic: The multicluster engine for Kubernetes 2.10 General Availability release images,
which add new features and enhancements, bug fixes, and updated container images.
Details: The multicluster engine for Kubernetes v2.10 images
The multicluster engine for Kubernetes provides the foundational components
that are necessary for the centralized management of multiple
Kubernetes-based clusters across data centers, public clouds, and private
clouds.
You can use the engine to create new Red Hat OpenShift Container Platform
clusters or to bring existing Kubernetes-based clusters under management by
importing them. After the clusters are managed, you can use the APIs that
are provided by the engine to distribute configuration based on placement
policy.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.
8.2 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
Workaround
To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
Workaround
Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.
8.0 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A denial of service flaw has been discovered in the Axios npm package. the mergeConfig function in axios crashes with a TypeError when processing configuration objects containing __proto__ as an own property. An attacker can trigger this by providing a malicious configuration object created via JSON.parse(), causing complete denial of service.
7.5 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
Workaround
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
8.8 (High)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
9.0 (Critical)
Vendor Fix
For multicluster engine for Kubernetes, see the following documentation for
details on how to install the images:
https://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro
https://access.redhat.com/errata/RHSA-2026:13542
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The multicluster engine for Kubernetes 2.10 General Availability release images,\nwhich add new features and enhancements, bug fixes, and updated container images.",
"title": "Topic"
},
{
"category": "general",
"text": "The multicluster engine for Kubernetes v2.10 images\n\nThe multicluster engine for Kubernetes provides the foundational components\nthat are necessary for the centralized management of multiple\nKubernetes-based clusters across data centers, public clouds, and private\nclouds.\n\nYou can use the engine to create new Red Hat OpenShift Container Platform\nclusters or to bring existing Kubernetes-based clusters under management by\nimporting them. After the clusters are managed, you can use the APIs that\nare provided by the engine to distribute configuration based on placement\npolicy.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:13542",
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-13465",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25639",
"url": "https://access.redhat.com/security/cve/CVE-2026-25639"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_13542.json"
}
],
"title": "Red Hat Security Advisory: multicluster engine for Kubernetes v2.10.2 security update",
"tracking": {
"current_release_date": "2026-05-07T08:12:40+00:00",
"generator": {
"date": "2026-05-07T08:12:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.9"
}
},
"id": "RHSA-2026:13542",
"initial_release_date": "2026-05-04T16:50:36+00:00",
"revision_history": [
{
"date": "2026-05-04T16:50:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-05-04T16:50:47+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-07T08:12:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "multicluster engine for Kubernetes 2.10",
"product": {
"name": "multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_engine:2.10::el9"
}
}
}
],
"category": "product_family",
"name": "multicluster engine for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3A6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3Ad37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776449110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3Aa464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777402015"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777032572"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel9@sha256%3Af6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777296816"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3A13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729188"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"product_id": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/capoa-bootstrap-rhel9@sha256%3A2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375661"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"product_id": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"product_identification_helper": {
"purl": "pkg:oci/capoa-control-plane-rhel9@sha256%3A88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"product_id": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mce-capi-webhook-config-rhel9@sha256%3A30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776641944"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3Abb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3A19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777333078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3A486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776556092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3Ae89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777136056"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3Ac531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3Aceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777419463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3Ab683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128790"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776457396"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777324421"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3A49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3A4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776426991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777132402"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3Aa50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777188145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3A9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777374758"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3Aa16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776824328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3Ab388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3Afa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777073849"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3Ab2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776737959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3A759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776901027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881164"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3Adb050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3A76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777140415"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3A9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3A0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776449110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3Ab3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777402015"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777032572"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel9@sha256%3A140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777296816"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3A8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729188"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"product_id": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/capoa-bootstrap-rhel9@sha256%3Ad1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375661"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"product_id": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"product_identification_helper": {
"purl": "pkg:oci/capoa-control-plane-rhel9@sha256%3Ab1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"product_id": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"product_identification_helper": {
"purl": "pkg:oci/mce-capi-webhook-config-rhel9@sha256%3A853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776641944"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3Ab0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3Ab590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777333078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3A1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776556092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3Ab94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777136056"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3A8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3A91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777419463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3A73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128790"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776457396"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3Aa67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777324421"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3Aba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3A9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776426991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777132402"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3Abaa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777188145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3A13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777374758"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3A17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776824328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3A7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3A15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777073849"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3A20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776737959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3Ad96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776901027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881164"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3A76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3A52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777140415"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3Aea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3A64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776449110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3Ad66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777402015"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777032572"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel9@sha256%3A994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777296816"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3A67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729188"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/capoa-bootstrap-rhel9@sha256%3Ac9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375661"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/capoa-control-plane-rhel9@sha256%3A4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/mce-capi-webhook-config-rhel9@sha256%3A2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776641944"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3Ab7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3Ac6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777333078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3A385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776556092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3A205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777136056"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3A4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3A657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777419463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3A10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128790"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3Af4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776457396"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777324421"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3A38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3A656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776426991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777132402"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3A7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777188145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3Ac8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777374758"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3A101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776824328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3A92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3Ad44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777073849"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3Aa3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776737959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3A8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776901027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3Adc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881164"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3Aa8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3Abc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777140415"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"product_id": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/addon-manager-rhel9@sha256%3Ab1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"product_id": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/must-gather-rhel9@sha256%3A95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776449110"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"product_id": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/backplane-rhel9-operator@sha256%3A1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777402015"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-agent-rhel9@sha256%3A3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777032572"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-aws-rhel9@sha256%3A64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777296816"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-api-provider-kubevirt-rhel9@sha256%3Adad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729188"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"product_id": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/capoa-bootstrap-rhel9@sha256%3A5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375661"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"product_id": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/capoa-control-plane-rhel9@sha256%3Aa2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777375678"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"product_id": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/mce-capi-webhook-config-rhel9@sha256%3A2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776641944"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-curator-controller-rhel9@sha256%3A57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776729146"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-image-set-controller-rhel9@sha256%3A63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777333078"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-addon-rhel9@sha256%3A87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776556092"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"product_id": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-proxy-rhel9@sha256%3A7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777136056"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"product_id": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterclaims-controller-rhel9@sha256%3Ac6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128761"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"product_id": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clusterlifecycle-state-metrics-rhel9@sha256%3A8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777419463"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"product_id": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/console-mce-rhel9@sha256%3A5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777128790"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"product_id": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"product_identification_helper": {
"purl": "pkg:oci/discovery-rhel9@sha256%3A4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776457396"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hive-rhel9@sha256%3A34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777324421"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-addon-rhel9-operator@sha256%3A75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246708"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-cli-rhel9@sha256%3Abdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776426991"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"product_id": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"product_identification_helper": {
"purl": "pkg:oci/hypershift-rhel9-operator@sha256%3A49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777132402"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"product_id": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"product_identification_helper": {
"purl": "pkg:oci/image-based-install-rhel9@sha256%3Acdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777188145"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"product_id": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kube-rbac-proxy-mce-rhel9@sha256%3Ae24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777374758"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"product_id": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managed-serviceaccount-rhel9@sha256%3A42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776824328"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"product_id": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/managedcluster-import-controller-rhel9@sha256%3A65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777246644"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"product_id": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicloud-manager-rhel9@sha256%3A03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777073849"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"product_id": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9@sha256%3A0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776737959"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"product_id": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"product_identification_helper": {
"purl": "pkg:oci/provider-credential-controller-rhel9@sha256%3A609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776901027"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"product_id": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-rhel9@sha256%3A47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881164"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"product_id": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"product_identification_helper": {
"purl": "pkg:oci/registration-operator-rhel9@sha256%3Ac97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1776881170"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"product": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"product_id": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/work-rhel9@sha256%3Abbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-engine\u0026tag=1777140415"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64 as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le as a component of multicluster engine for Kubernetes 2.10",
"product_id": "multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le",
"relates_to_product_reference": "multicluster engine for Kubernetes 2.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-13465",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2026-01-21T20:01:28.774829+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431740"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Lodash. A prototype pollution vulnerability in the _.unset and _.omit functions allows an attacker able to control property paths to delete methods from global prototypes. By removing essential functionalities, this can result in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: prototype pollution in _.unset and _.omit functions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is only exploitable by applications using the _.unset and _.omit functions on an object and allowing user input to determine the path of the property to be removed. This issue only allows the deletion of properties but does not allow overwriting their behavior, limiting the impact to a denial of service. Due to this reason, this vulnerability has been rated with an important severity.\n\nIn Grafana, JavaScript code runs only in the browser, while the server side is all Golang. Therefore, the worst-case scenario is a loss of functionality in the client application inside the browser. To reflect this, the CVSS availability metric and the severity of the Grafana and the Grafana-PCP component have been updated to low and moderate, respectively.\n\nThe lodash dependency is bundled and used by the pcs-web-ui component of the PCS package. In Red Hat Enterprise Linux 8.10, the pcs-web-ui component is no longer included in the PCS package. As a result, RHEL 8.10 does not ship the vulnerable lodash component within PCS and is therefore not-affected by this CVE.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-13465"
},
{
"category": "external",
"summary": "RHBZ#2431740",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431740"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-13465",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13465"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-13465"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg",
"url": "https://github.com/lodash/lodash/security/advisories/GHSA-xxjr-mmjv-4gpg"
}
],
"release_date": "2026-01-21T19:05:28.846000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T16:50:36+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement strict input validation before passing any property paths to the _.unset and _.omit functions to block attempts to access the prototype chain. Ensure that strings like __proto__, constructor and prototype are blocked, for example.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: prototype pollution in _.unset and _.omit functions"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T16:50:36+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T16:50:36+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T16:50:36+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T16:50:36+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64"
],
"known_not_affected": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-05-04T16:50:36+00:00",
"details": "For multicluster engine for Kubernetes, see the following documentation for\ndetails on how to install the images:\n\nhttps://access.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.15/html/clusters/cluster_mce_overview#mce-install-intro",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760ec15a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:3d1a892c3842daea43ff64fa6bfb2276504003de0c8822412bb403e90c783d1b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:5606d9e6154e3eb20a6c7b94346881ddedb155f54473f0713d67fe4fa0586ac3_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:9e783056352c39529e7315855af6d05cde5b39c009d2e67b9d88fb0210d30ed0_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:140b3b9a9526130a50040e355eb02609e0c38bf9ec0a8d5bcefb31862e2024f7_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:64efc33fe97ef9bcae490ff0ca61717dd48e6b0b0aab417e8ff252250baed576_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:994412dd0b9619d215a17d5ac684b11864f12030a399437247dbfa9f26061e31_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-aws-rhel9@sha256:f6a4ce6ceab1271e0afab9e60f4ef27745c584341ba944fd10e0b4209c8e4650_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:13ef7c6b65ffe6a1b434091830aa08fe539d9befd8e55f3177e486e59fdfc9b5_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:67bbdc696225283b4baa550a402fb03d9999ccd471a62622df1bbf0917ac8f52_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:8b16aa9760ba4402dfef3eac989432a794af7c1c71f3e1127f6077d54cdf244d_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-kubevirt-rhel9@sha256:dad83ae3c921ff7444f8317fbdc165a43f9177b5d0554b08a960d9752ed1dbf8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:57538de1fa62ef85ff3bcf844e90d44d79bb35bae50b21b2029d5fdcb909520c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b0c240f80580258ce2e46a0799839048a13c75ea5f0c1afdeb197f7fa559c2f3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:b7e8f2fc682eb7ae91bb81b41e2b3e0b11fbabf1399e3013cd1353d3e5503423_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-curator-controller-rhel9@sha256:bb4a9276e2362c620f8db391c796e04e5baedef7e677b58385283ade2cd3210e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:19521b1b70014a01fa4c7eb5852bd621714246aaa05ea39664357b3ab8f5aae4_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:63056ed45fb5ba627a3cd35d0866d49ebcfa214e1fef12e8005540b656948cbf_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:b590daae5128cf8d3c83fe406a6c293ed496cd75015dd9c04fe8e75677bcf898_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-image-set-controller-rhel9@sha256:c6e7572299b082af41e6354ba0c793961b525df3131710da9b7fa1700864e0ee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:1ca6accd21c73a5e7bf04400e042fd1ee84ff7d18754e50fed5f5dd8f92c1208_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:385376977c96bac3a56120ec859b410f8eb869d61195ceca2ab6b8602ae60f98_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:486133a133b4eb1886bf64ca623ffedf08b1eb102fa9c129614bb9ac711afdad_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-addon-rhel9@sha256:87a79c1d5b549de5dd7295ee7e6051a3d31a3d09b016a4904a2f0f29661468f8_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:205fb68996e4662d1dc53846fe878f3704caaff051e788b9b8c01c653d2d2dd6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:7c2ec1a251c2bf42c2b90a092e3a1e781b0e6b78894574324f559dc3ce05b918_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:b94388d2168c576294a666ad688c11058a9120a1f82f46b00e17efc7cac8e283_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-proxy-rhel9@sha256:e89b050a707bd7ce17b43a72bb9a39a3e587dbadb607b16c52848609b0d6ac13_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:4961180b0cf3005e3b13596a62d00b5417b79db6763ed6499bbdd33ffc5e7d8f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:8f0a22e65065dd0a0d7603d880ba5204f697cab690d48bec4096ac4dfced34eb_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c531d7b27a6ab1f33e07badfd713ef3fb2c51be09e2a054654d88e634e74211b_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterclaims-controller-rhel9@sha256:c6e080ca0bd427202f59aaa22ebbe6c0e605ea826a39a7ae6d31830847a2abb4_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:657056516c00fda9f925f3a49cb77fbee15bd85744da16eb30fc6d5b50f19cb5_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:8427851fc9e645146de5aa8f1fbc1b43ae774d4373f3523b5236eae17d54976c_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:91eb2632f9174d001ccdd904a6b0ee2aa08e31b784fb7854d6e00ef5537797f2_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/clusterlifecycle-state-metrics-rhel9@sha256:ceacd9e28ebf4e2b8be2915703fcb47739098a1ef0eb47cfd5165ab09ae5f11f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:10710f43daa6a7596580e2251a4ce78b9f5f129b69ae86b830fac2ced267dc53_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:5028095ad4062ba947075e6c1064c6cae11a3a7495bd5ed93a2dd47fa08abf7f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:73343845c72dea40bfa36649b13d1d241f0190aa7b4d4e05952b43710ef8de42_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/console-mce-rhel9@sha256:b683c66057d65b6ca4360a31811944b4083de6b6294cf09a1c841a4498cbfd0e_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:4909fc1686e26c789c42426b51718ef756c595b25ba7bb372f80cbe76cd81e50_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:647960dd990e5d4b7203450392a03d5e395de52b9a09b7488897f76f9ec16ac3_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:98ef84a6f8d90cb09113e6a3431fa00c5910ab5ba9e8263e22f7c2fc39443c20_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/discovery-rhel9@sha256:f4ec8416deebe2f69231a2d137e05f0b244216826e1c029ff751d46cea8e0e09_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:34b737d8960e90357006419682b8b28f10d30cec8ae8ddfbdc7805cddb0ae120_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:65595440f3d1b49881d658d7fbfc3e48805a010e8b4808a0c113b25725b6d5df_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:755cea404ea13004e6d142985f6c7607d3d87daec4db4861bd06b6cbbeb62047_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hive-rhel9@sha256:a67877772626c15a61c0c84009c7a4aed49e352d08d1fb518325a5190975cee6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:38fc5ff2e94071852aaeafe98394ad26a15384046a3979e731e074c131b0e89c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:49bc55113a9e69d0555440dab3b73c436fa9c7032f1d22e5cfdb592f5a78bd62_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:75f3f3856b19e3169e534f148048fa0ff34974523723850da22fa982c6771165_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-addon-rhel9-operator@sha256:ba7d02e77d8dd52dd61425b27b400e0b3b2db16a82addb444bf12ec6d30a3364_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:4a78df0a94677a0eefa21b58a9ce4e277f02ae73b62def3c67ff530a352e3f6c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:656d328dab901a6c91acd23695d857c74e513b03424dac9070b013786b5b15d7_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:9b4d478ea1b8f678154eae25a63fa4c5efaf6c6d2af26200bb5fd5d24288c2ce_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-cli-rhel9@sha256:bdb1cb4d3ed7e091b2241e5e279a8b327d3710396597e215b718a677f96878ed_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3a178a67d25889f7999f738077ed6a9247a77b9507aa7a05921fcff60b9d2636_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:3f0158b470e1cd9a76d28d7d3840e722548900b045e23bdd110c0eefae987249_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:49d9b1b412dc6adada0336e6fa9088e732b67a77baa77e802d44d36a31b7b675_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/hypershift-rhel9-operator@sha256:65872b0324e907feaa4e7f2851d29d35306549ce35005259eaf6cb1f560c7a06_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:7aafa8c6604fab9ddd9d7e01ce2e32dac0496f3ffe0468aaefca10aba3a02d7f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:a50ba0fa8810e141d7e0fa31e6f5387c9335ed8fc83f95c4293be0212f15e658_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:baa6d9bc58f4d70b7207688bd743e940b51a1d677b3ae357e8b81cb739e2790c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/image-based-install-rhel9@sha256:cdbcc2e47b1e2846b1d847bdf1a2e8972e1bcd5a55756feb15def6c20812f0ef_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:13c46cc94f63978ae9aad5e5a8e28f05602a165eb264f5d3a36af7b320f40030_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:9e9170e5f4303bb0d664e875656971a359f42100ffcad76cf895db0bee84cb19_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:c8939d68dc4dea211e4aadef72d92cc4be2650407581f807241ccda0bb8960fc_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/kube-rbac-proxy-mce-rhel9@sha256:e24ccd1d29f5d3019c0b64f8ef9bdcb235eb9555e67d625c06339865727fdd92_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:101d95caac7754e2a52d604b5458c1e37f243baa00f63270cbed87eb1b070057_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:17996ed18a7c5946d45802bf31f8a5075c6080f8e5340334d21764f6bd946454_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:42cd33038c6dc4f5f60ad6d62a29a3446fe69c632238614005cc2d9ed1d65902_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managed-serviceaccount-rhel9@sha256:a16813a750131e825a9cae498bbcfd6b377f6762e08e8743ef06f4eb06a7297c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:65d3d04cada5750601d2372642d14e64320cee7b8a5286e11fdd477ba8b5e7ba_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:7e83ecbd9f40272e5359826761a2b6d9f48a299d99ffa245e4343d2a5526b289_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:92c0a5ad9e0f0825cf06b1ffdd753180b60b553a55675b327b34146081c41ae6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/managedcluster-import-controller-rhel9@sha256:b388e4e313a3e2b766a443b14a7c932ae6aa0b2aa1e39c450c34ec3cb540074d_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2389723dc391b58f2b78a873d7b3ce061835dd0851806c0ac1807f1a5fdb1ccf_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:2d4c85b612c10c09608c6a54cd9e55487439a30635938e018ea66f3562d5995b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:30b9c14e2c64f979c5775c331b264223075f8aa29199c9bdbb2365480553a061_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/mce-capi-webhook-config-rhel9@sha256:853563cd50f8782fbd516fa1d4154593e421757677cd1fdbbf32cd8cb6231a99_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:03d39fb027b3d3db514d944e1911266e99b0fb5671cefa7287dc898aa0116ed9_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:15409fb17ca0e206d33b2819c8459e2ef609cb34ec0f4debd786bb2c8c4162f6_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:d44f4a854122aad1cf7bd4e5611ee36557a86331cb687236401237858f1150f6_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/multicloud-manager-rhel9@sha256:fa649457709bd0d8098b928dc8ff1813169c7abc82af9c4f81e270ef77e83c63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:0fb43c8bc323fb5066209cbd990c260096c331a5eca5a695c9715765cb5fcaef_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:64aefc4a5241b636add963a7ae9c80e89fb6e51c2c70b1340c16c2a396223460_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:95d4dcb17bfe3ba981ce84a27e79e8bad1f0574b7d287316ac885c3a03b47d0b_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/must-gather-rhel9@sha256:d37298739aa029391da1e24a052d68fb4d42a654493f3f9c0cf5f84894b2a359_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:0adb1f93691c91c098e88d10a5c85bb9c40a86c97ce9da03db4ef046aa729046_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:20f4edc0c5cec375d29a0d1556f57d107da7300bf9fa0bbb79a03241f8103d0e_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:a3eb86fccb73f1177cb8ecc0a2f0c34977a51d2e1dc6f206f7d9abcda51a1950_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/placement-rhel9@sha256:b2e406bf1cdc672d655c6805851b6f511a293f3d44c844663a3bab720c3ceff1_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:609b6f5a0f9f1d86d123414bbf80b79afa50d575c8e9d57845db41b798a32369_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:759c3b2c67e24f134f48628adb4c81bb82a060f57821ece082ba043831f6e730_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:8a14ece050720263b1e66751121324660edae661a27e5401c94082ca5fd2a6aa_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/provider-credential-controller-rhel9@sha256:d96ae13c66493e6e82532abb5aa0ca4e97409539ac3d0f0bb8ad25e9b8b84141_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:76e7acc3f5083d73cbcfdaf4d59790070ef1b77a202242d661540bbefcc92542_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:a8583d0cb70c604bcdf595eac14ce3f25ca4ffd98d0ebb7c38ae9601b3906fee_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:c97f22fa4f3502f16a68d488692ebf7cc048f49b5c56820670f29d5fdaa7d960_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-operator-rhel9@sha256:db050305b80c665ecbd3c205b0acd660487874bfba688bd715e26fb151fd2189_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:47b70eda9d66d5ecf0b503b65401907cd6563b9dc1a72ece63ba7ecdcd08487a_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:6ea72894ba4d2ec772ab6565019f4600234957af802797c650c32516d56ea121_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:7d701a3e0495b98428f1cb072dd1fd655963fa4b4537198d26cd62e3c38fff63_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/registration-rhel9@sha256:dc78fbb014fa97d6ee2b2b32475dc39c7277f132558c7f8b5299b6a85018043a_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:52cb87eb762d0aeb6fc26335f7416bd1975c64ebc55d37914553178627e4325c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:76e2cca6983c688231e90f11868900ae32fb495032ffdf1a27eaceb34e24d51c_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bbfc3a0e887427d11018ac789ff75b6d94167f52fbc756749e3d54391d4355bb_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/work-rhel9@sha256:bc9f9494efef5a03e42db6a0da3d79717420b932d176e66f33885beb47ac1f8b_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:6010f1e00ada07c0100468bde8ab20c176610f9d8e7498fc26d46960d63c9984_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:9530059a49869e8f1909a7ab06036c7fd36018a14ae2e6f22c5c0c1868eaaf49_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:b1eb4a408936b8cd0863c04fb7fe3a72e875c06d9f5c33dca4c82dd4a05a027f_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/addon-manager-rhel9@sha256:ea9dda951ced7f3641ba5afd651191a75321cb0db5e251f66a510bc6d6f0f090_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:1a9bf49ede874a64c5acbe426e62324b564458e5575db9dd95230a15933e9adc_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:a464a9d46467012d73772656bd5eb81713bcc2d27b461e1083ba5c00548156a8_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:b3cb1d388c9d992b4721a1087e142255583868d0c855f5603d37b67d2c0ed64c_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/backplane-rhel9-operator@sha256:d66e556ff0b55bf9a54b45dc26e5175a662be785440db589efe01efa9da30d0e_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:2b20ddec4825b4224839823ce56183cd163491142b9d613f51f5e15859c0bf2f_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:5cf7bb103490cb1b5423c7d02d5b412f9059dca5455770fb0ecae8e1331493d7_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:c9456c7efa795d600500ab1c05e30ac7ce8f83fd571c5d8cfc0d382fcf575d9f_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-bootstrap-rhel9@sha256:d1773b6567bd5ebd6b33e5ff24bafdd17e1d1f4dceb2a93fd4355bad0995b7a9_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:4c30c0f1e5ba711350357dbfb9f5048129a90be5c28011f85116a2fb365c6f4c_ppc64le",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:88c09914c96a5eeea856d8ec05f7c4d7afff9537990a3508073a98de2977e983_amd64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:a2bbd28144d23264473715038172a92b199f6fb0a1b1f3f1cad2c56a3454fe00_s390x",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/capoa-control-plane-rhel9@sha256:b1619f86a599f1c386e8b487a1855b6f99a3538a619b55479debce224f541544_arm64",
"multicluster engine for Kubernetes 2.10:registry.redhat.io/multicluster-engine/cluster-api-provider-agent-rhel9@sha256:09ddc268aff8a2e20a6678fe200843c4fc98e9e1d305074c5bbef73760e