Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-25679 (GCVE-0-2026-25679)
Vulnerability from cvelistv5 – Published: 2026-03-06 21:28 – Updated: 2026-07-02 12:04- CWE-1286 - Improper Validation of Syntactic Correctness of Input
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/url |
Affected:
0 , < 1.25.8
(semver)
Affected: 1.26.0-0 , < 1.26.1 (semver) |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 10 |
cpe:/a:redhat:ansible_automation_platform:2.6::el10 cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10 |
|
| Red Hat | Red Hat Enterprise Linux Server (v. 7 ELS) |
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
cpe:/a:redhat:openshift:4.14::el8 cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
cpe:/a:redhat:openshift:4.18::el8 cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat Satellite 6.16 for RHEL 8 |
cpe:/a:redhat:satellite:6.16::el8 cpe:/a:redhat:satellite_capsule:6.16::el8 cpe:/a:redhat:satellite_maintenance:6.16::el8 cpe:/a:redhat:satellite_utils:6.16::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.6::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:openstack:17.1::el9 |
|
| Red Hat | Red Hat Satellite 6.16 for RHEL 9 |
cpe:/a:redhat:satellite:6.16::el9 cpe:/a:redhat:satellite_capsule:6.16::el9 cpe:/a:redhat:satellite_maintenance:6.16::el9 cpe:/a:redhat:satellite_utils:6.16::el9 |
|
| Red Hat | Red Hat Satellite 6.19 for RHEL 9 |
cpe:/a:redhat:satellite:6.19::el9 cpe:/a:redhat:satellite_capsule:6.19::el9 cpe:/a:redhat:satellite_maintenance:6.19::el9 cpe:/a:redhat:satellite_utils:6.19::el9 |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 10) |
cpe:/o:redhat:enterprise_linux:10.1 cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 8) |
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v. 8.2) |
cpe:/a:redhat:rhel_aus:8.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v.8.4) |
cpe:/a:redhat:rhel_aus:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4) |
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v.8.6) |
cpe:/a:redhat:rhel_aus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.8.6) |
cpe:/a:redhat:rhel_e4s:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream TUS (v.8.6) |
cpe:/a:redhat:rhel_tus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.8.8) |
cpe:/a:redhat:rhel_e4s:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream TUS (v.8.8) |
cpe:/a:redhat:rhel_tus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.0) |
cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.2) |
cpe:/a:redhat:rhel_e4s:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.4) |
cpe:/a:redhat:rhel_e4s:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 9) |
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 10) |
cpe:/o:redhat:enterprise_linux:10.1 cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::crb |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::crb |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 9) |
cpe:/a:redhat:enterprise_linux:9::crb |
|
| Red Hat | Custom Metric Autoscaler 2.19 |
cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9 |
|
| Red Hat | DevWorkspace Operator 0.4 |
cpe:/a:redhat:devworkspace:0.40::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.0 |
cpe:/a:redhat:logging:6.0::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.2 |
cpe:/a:redhat:logging:6.2::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.4 |
cpe:/a:redhat:logging:6.4::el9 |
|
| Red Hat | Multicluster Global Hub 1.3.4 |
cpe:/a:redhat:multicluster_globalhub:1.3::el9 |
|
| Red Hat | Multicluster Global Hub 1.4.5 |
cpe:/a:redhat:multicluster_globalhub:1.4::el9 |
|
| Red Hat | Multicluster Global Hub 1.5.4 |
cpe:/a:redhat:multicluster_globalhub:1.5::el9 |
|
| Red Hat | Multicluster Global Hub 1.6.2 |
cpe:/a:redhat:multicluster_globalhub:1.6::el9 |
|
| Red Hat | Network Observability (NETOBSERV) 1.11.2 |
cpe:/a:redhat:network_observ_optr:1.11::el9 |
|
| Red Hat | OpenShift API for Data Protection 1.4 |
cpe:/a:redhat:openshift_api_data_protection:1.4::el9 |
|
| Red Hat | OpenShift API for Data Protection 1.5 |
cpe:/a:redhat:openshift_api_data_protection:1.5::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | OpenShift File Integrity Operator - FIO 1 |
cpe:/a:redhat:openshift_file_integrity_operator:1::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.15 |
cpe:/a:redhat:acm:2.15::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.10 |
cpe:/a:redhat:advanced_cluster_security:4.10::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.8 |
cpe:/a:redhat:advanced_cluster_security:4.8::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Developer Hub 1.8 |
cpe:/a:redhat:rhdh:1.8::el9 |
|
| Red Hat | Red Hat Developer Hub 1.9 |
cpe:/a:redhat:rhdh:1.9::el9 |
|
| Red Hat | Red Hat Enterprise Linux AI 3.3 |
cpe:/a:redhat:enterprise_linux_ai:3.3::el9 |
|
| Red Hat | Red Hat Hardened Images |
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Lightspeed (formerly Insights) for Runtimes 1 |
cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.6.5 |
cpe:/a:redhat:openshift_builds:1.6::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.7.3 |
cpe:/a:redhat:openshift_builds:1.7::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.27 |
cpe:/a:redhat:openshift_devspaces:3.27::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 2.6 |
cpe:/a:redhat:service_mesh:2.6::el8 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.0 |
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.3 |
cpe:/a:redhat:service_mesh:3.3::el9 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.9.3 |
cpe:/a:redhat:openshift_distributed_tracing:3.9::el9 |
|
| Red Hat | Red Hat OpenStack 1.5 |
cpe:/a:redhat:stf:1.5::el9 |
|
| Red Hat | Red Hat OpenStack Services on OpenShift 18 |
cpe:/a:redhat:openstack:18.0::el9 |
|
| Red Hat | Red Hat Quay 3.10 |
cpe:/a:redhat:quay:3.10::el8 |
|
| Red Hat | Red Hat Quay 3.12 |
cpe:/a:redhat:quay:3.12::el8 |
|
| Red Hat | Red Hat Quay 3.14 |
cpe:/a:redhat:quay:3.14::el8 |
|
| Red Hat | Red Hat Quay 3.15 |
cpe:/a:redhat:quay:3.15::el8 |
|
| Red Hat | Red Hat Quay 3.16 |
cpe:/a:redhat:quay:3.16::el9 |
|
| Red Hat | Red Hat Quay 3.9 |
cpe:/a:redhat:quay:3.9::el8 |
|
| Red Hat | Red Hat Satellite 6.18 |
cpe:/a:redhat:satellite:6.18::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.3 |
cpe:/a:redhat:trusted_artifact_signer:1.3::el9 |
|
| Red Hat | Red Hat Update Infrastructure 5 |
cpe:/a:redhat:rhui:5::el9 |
|
| Red Hat | Red Hat Web Terminal 1.11 |
cpe:/a:redhat:webterminal:1.11::el9 |
|
| Red Hat | Red Hat Web Terminal 1.12 |
cpe:/a:redhat:webterminal:1.12::el9 |
|
| Red Hat | Red Hat Web Terminal 1.13 |
cpe:/a:redhat:webterminal:1.13::el9 |
|
| Red Hat | Red Hat Web Terminal 1.14 |
cpe:/a:redhat:webterminal:1.14::el9 |
|
| Red Hat | Red Hat Web Terminal 1.15 |
cpe:/a:redhat:webterminal:1.15::el9 |
|
| Red Hat | mirror registry for Red Hat OpenShift 2.0 |
cpe:/a:redhat:mirror_registry:2.0::el8 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | Deployment Validation Operator |
cpe:/a:redhat:deployment_validator_operator |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | ExternalDNS Operator |
cpe:/a:redhat:ext_dns_optr:1 |
|
| Red Hat | Fence Agents Remediation Operator |
cpe:/a:redhat:workload_availability_far:0 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | Logical Volume Manager Storage |
cpe:/a:redhat:lvms:4 |
|
| Red Hat | Machine Deletion Remediation Operator |
cpe:/a:redhat:workload_availability_mdr:0 |
|
| Red Hat | Migration Toolkit for Containers |
cpe:/a:redhat:rhmt:1 |
|
| Red Hat | mirror registry for Red Hat OpenShift |
cpe:/a:redhat:mirror_registry:1 |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | OpenShift Developer Tools and Services |
cpe:/a:redhat:ocp_tools |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | Red Hat 3scale API Management Platform 2 |
cpe:/a:redhat:red_hat_3scale_amp:2 |
|
| Red Hat | Red Hat Certification Program for Red Hat Enterprise Linux 9 |
cpe:/a:redhat:certifications:9 |
|
| Red Hat | Red Hat Connectivity Link 1 |
cpe:/a:redhat:connectivity_link:1 |
|
| Red Hat | Red Hat Edge Manager 1 |
cpe:/a:redhat:edge_manager:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift Cluster Manager CLI |
cpe:/a:redhat:openshift_cluster_manager_cli:1 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat Openshift Data Foundation 4 |
cpe:/a:redhat:openshift_data_foundation:4 |
|
| Red Hat | Red Hat OpenShift GitOps |
cpe:/a:redhat:openshift_gitops:1 |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Red Hat Service Interconnect 1 |
cpe:/a:redhat:service_interconnect:1 |
|
| Red Hat | Red Hat Service Interconnect 2 |
cpe:/a:redhat:service_interconnect:2 |
|
| Red Hat | Security Profiles Operator |
cpe:/a:redhat:openshift_security_profiles_operator:1 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | Node HealthCheck Operator |
cpe:/a:redhat:workload_availability_nhc:0 |
|
| Red Hat | Power monitoring for Red Hat OpenShift |
cpe:/a:redhat:openshift_power_monitoring |
|
| Red Hat | Red Hat AMQ Clients |
cpe:/a:redhat:amq_clients:2023 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat build of Apache Camel - HawtIO 4 |
cpe:/a:redhat:apache_camel_hawtio:4 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2026-25679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-10T13:36:26.554241Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-10T13:37:02.459Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el10",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.14::el8",
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.16::el8",
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.18::el8",
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.16::el8",
"cpe:/a:redhat:satellite_capsule:6.16::el8",
"cpe:/a:redhat:satellite_maintenance:6.16::el8",
"cpe:/a:redhat:satellite_utils:6.16::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.16 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1",
"cpe:/a:redhat:openstack:17.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.16::el9",
"cpe:/a:redhat:satellite_capsule:6.16::el9",
"cpe:/a:redhat:satellite_maintenance:6.16::el9",
"cpe:/a:redhat:satellite_utils:6.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.16 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.19::el9",
"cpe:/a:redhat:satellite_capsule:6.19::el9",
"cpe:/a:redhat:satellite_maintenance:6.19::el9",
"cpe:/a:redhat:satellite_utils:6.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.19 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1",
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1",
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
],
"defaultStatus": "affected",
"product": "Custom Metric Autoscaler 2.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:devworkspace:0.40::el9"
],
"defaultStatus": "affected",
"product": "DevWorkspace Operator 0.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.0::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.2::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.4::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.3::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.3.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.4::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.4.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.5::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.5.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.6::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:network_observ_optr:1.11::el9"
],
"defaultStatus": "affected",
"product": "Network Observability (NETOBSERV) 1.11.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
],
"defaultStatus": "affected",
"product": "OpenShift File Integrity Operator - FIO 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.8::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_builds:1.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Builds 1.6.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_builds:1.7::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Builds 1.7.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift distributed tracing 3.9.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:stf:1.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Services on OpenShift 18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.14::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhui:5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Update Infrastructure 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.11::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.12::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:mirror_registry:2.0::el8"
],
"defaultStatus": "affected",
"product": "mirror registry for Red Hat OpenShift 2.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:deployment_validator_operator"
],
"defaultStatus": "affected",
"product": "Deployment Validation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ext_dns_optr:1"
],
"defaultStatus": "affected",
"product": "ExternalDNS Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_far:0"
],
"defaultStatus": "affected",
"product": "Fence Agents Remediation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "affected",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "affected",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:mirror_registry:1"
],
"defaultStatus": "affected",
"product": "mirror registry for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "affected",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "affected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:certifications:9"
],
"defaultStatus": "affected",
"product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_security_profiles_operator:1"
],
"defaultStatus": "affected",
"product": "Security Profiles Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "affected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "unaffected",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "unaffected",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "unaffected",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "unaffected",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "unaffected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "unaffected",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-06T21:28:14.211Z",
"descriptions": [
{
"lang": "en",
"value": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1286",
"description": "Improper Validation of Syntactic Correctness of Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-02T12:04:52.558Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"name": "RHBZ#2445356",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25679.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13508"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8855"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13512"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28886"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25043"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21655"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25180"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:27076"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6341"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34365"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8314"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9435"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8856"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5943"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10133"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8849"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8931"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19719"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19750"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7328"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10929"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11375"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10701"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8842"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7005"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8840"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5941"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7992"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6344"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6388"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13642"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13643"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7669"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10169"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11413"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11412"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19032"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29195"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19133"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19022"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19027"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19026"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22937"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19049"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19135"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22450"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24386"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19055"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19132"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19031"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29035"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19126"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19128"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:33722"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6949"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16875"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7011"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7009"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8456"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7674"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7878"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8853"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7879"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20581"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9043"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9094"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8434"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19634"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7876"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20582"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8860"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9093"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8851"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7877"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20584"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8877"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8878"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9695"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9436"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7883"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8881"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8949"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8852"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25252"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25251"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9434"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7833"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8879"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9090"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25248"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8322"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25253"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25250"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22733"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12030"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12032"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7834"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8930"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8882"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12033"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19721"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12028"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8324"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12031"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12029"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11749"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9109"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9439"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8848"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5944"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8847"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8845"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9108"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19720"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19475"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17287"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7665"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9097"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9098"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7259"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8841"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5942"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6382"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6383"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13671"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9044"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7315"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29455"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29703"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19350"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19181"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19185"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23228"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19353"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22714"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26445"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19207"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29702"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9872"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26585"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11800"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22862"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22423"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22347"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5110"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21769"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23345"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16874"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:29854"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8433"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22627"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13829"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20889"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11217"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13791"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13545"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6802"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10140"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10141"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7291"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9052"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10158"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12282"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21696"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21691"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:15091"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28893"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14774"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20088"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17598"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21657"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20041"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6564"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11688"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8483"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11686"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9440"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8484"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8490"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8491"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9461"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8493"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9385"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14020"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11747"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11916"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6720"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11856"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24853"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19375"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11996"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10125"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10065"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11768"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10250"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10225"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8338"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8337"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8167"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:13508: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:8855: Red Hat Enterprise Linux Server (v. 7 ELS)"
},
{
"lang": "en",
"value": "RHSA-2026:13512: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:26527: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:26541: Red Hat OpenShift Container Platform 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:28886: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:25043: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:21655: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:25180: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:6341: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1"
},
{
"lang": "en",
"value": "RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:14868: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8314: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:9435: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8856: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:5943: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:10133: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8849: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8931: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:17040: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:7328: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:10929: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:16696: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:11375: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:10701: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8842: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:7005: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:8840: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:5941: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:7992: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:6344: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:6388: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:13642: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:13643: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:7669: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:10169: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:11413: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:11412: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19032: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19022: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19027: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19026: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22937: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19049: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22450: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19017: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:24386: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19055: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19132: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19031: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19126: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19128: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:6949: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:7011: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:7009: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:8456: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:7674: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:7878: Red Hat Enterprise Linux AppStream AUS (v. 8.2)"
},
{
"lang": "en",
"value": "RHSA-2026:8853: Red Hat Enterprise Linux AppStream AUS (v. 8.2)"
},
{
"lang": "en",
"value": "RHSA-2026:7879: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:20581: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:9043: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:9094: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:8434: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:7876: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:20582: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8860: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9093: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8851: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:7877: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:20584: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:8877: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:8878: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:9695: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:16102: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:9436: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:7883: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8881: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8949: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:8852: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:25252: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25251: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:9434: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:7833: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:8879: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:9090: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25248: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:8322: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25253: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25250: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:22733: Red Hat Enterprise Linux AppStream E4S (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12030: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12032: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:10712: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:7834: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:8930: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:8882: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12033: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12028: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:8324: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12031: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12029: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:11749: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9109: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9439: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8848: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:5944: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8847: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:8845: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9108: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:19475: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:7665: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9097: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9098: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:7259: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:8841: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:5942: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:6382: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:6383: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:13671: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:9044: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:7315: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19181: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19185: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19184: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:23228: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:22714: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:26445: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:19207: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:29702: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19"
},
{
"lang": "en",
"value": "RHSA-2026:9872: DevWorkspace Operator 0.4"
},
{
"lang": "en",
"value": "RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"lang": "en",
"value": "RHSA-2026:11800: Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"lang": "en",
"value": "RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"lang": "en",
"value": "RHSA-2026:22423: Multicluster Global Hub 1.3.4"
},
{
"lang": "en",
"value": "RHSA-2026:22347: Multicluster Global Hub 1.4.5"
},
{
"lang": "en",
"value": "RHSA-2026:5110: Multicluster Global Hub 1.5.4"
},
{
"lang": "en",
"value": "RHSA-2026:21769: Multicluster Global Hub 1.5.4"
},
{
"lang": "en",
"value": "RHSA-2026:23345: Multicluster Global Hub 1.6.2"
},
{
"lang": "en",
"value": "RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2"
},
{
"lang": "en",
"value": "RHSA-2026:29854: OpenShift API for Data Protection 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:26568: OpenShift API for Data Protection 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:8433: OpenShift Compliance Operator 1"
},
{
"lang": "en",
"value": "RHSA-2026:22627: OpenShift File Integrity Operator - FIO 1"
},
{
"lang": "en",
"value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:8151: Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"lang": "en",
"value": "RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10"
},
{
"lang": "en",
"value": "RHSA-2026:11217: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:9742: Red Hat Developer Hub 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:6802: Red Hat Developer Hub 1.9"
},
{
"lang": "en",
"value": "RHSA-2026:10140: Red Hat Enterprise Linux AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:10141: Red Hat Enterprise Linux AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:7385: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:7291: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:9052: Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"lang": "en",
"value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:5549: Red Hat OpenShift Builds 1.6.5"
},
{
"lang": "en",
"value": "RHSA-2026:10158: Red Hat OpenShift Builds 1.7.3"
},
{
"lang": "en",
"value": "RHSA-2026:12282: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:21696: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:14100: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:21691: Red Hat OpenShift Container Platform 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:15091: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:28893: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:14774: Red Hat OpenShift Container Platform 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:20088: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:17598: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:21657: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:6564: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:8483: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:11686: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:9440: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:8484: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:9448: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:8490: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:9453: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:8491: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:9461: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:8493: Red Hat OpenShift Service Mesh 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:14020: Red Hat OpenStack 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:11747: Red Hat OpenStack Services on OpenShift 18"
},
{
"lang": "en",
"value": "RHSA-2026:11916: Red Hat Quay 3.10"
},
{
"lang": "en",
"value": "RHSA-2026:6720: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:11856: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:21017: Red Hat Quay 3.14"
},
{
"lang": "en",
"value": "RHSA-2026:24853: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:19375: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:11996: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:14879: Red Hat Satellite 6.18"
},
{
"lang": "en",
"value": "RHSA-2026:10125: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:10065: Red Hat Update Infrastructure 5"
},
{
"lang": "en",
"value": "RHSA-2026:11768: Red Hat Update Infrastructure 5"
},
{
"lang": "en",
"value": "RHSA-2026:10250: Red Hat Web Terminal 1.11"
},
{
"lang": "en",
"value": "RHSA-2026:10225: Red Hat Web Terminal 1.12"
},
{
"lang": "en",
"value": "RHSA-2026:8338: Red Hat Web Terminal 1.13"
},
{
"lang": "en",
"value": "RHSA-2026:8337: Red Hat Web Terminal 1.14"
},
{
"lang": "en",
"value": "RHSA-2026:8167: Red Hat Web Terminal 1.15"
},
{
"lang": "en",
"value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-06T22:02:11.567Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-06T21:28:14.211Z",
"value": "Made public."
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/url",
"product": "net/url",
"programRoutines": [
{
"name": "parseHost"
},
{
"name": "JoinPath"
},
{
"name": "Parse"
},
{
"name": "ParseRequestURI"
},
{
"name": "URL.Parse"
},
{
"name": "URL.UnmarshalBinary"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.25.8",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.26.1",
"status": "affected",
"version": "1.26.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Masaki Hara (https://github.com/qnighy) of Wantedly"
}
],
"descriptions": [
{
"lang": "en",
"value": "url.Parse insufficiently validated the host/authority component and accepted some invalid URLs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-1286: Improper Validation of Syntactic Correctness of Input",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-06T21:28:14.211Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/752180"
},
{
"url": "https://go.dev/issue/77578"
},
{
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"title": "Incorrect parsing of IPv6 host literals in net/url"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2026-25679",
"datePublished": "2026-03-06T21:28:14.211Z",
"dateReserved": "2026-02-05T01:33:41.943Z",
"dateUpdated": "2026-07-02T12:04:52.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-25679",
"date": "2026-07-02",
"epss": "0.00728",
"percentile": "0.49682"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-25679\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-03-06T22:16:00.720\",\"lastModified\":\"2026-07-02T12:16:57.677\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.\"},{\"lang\":\"es\",\"value\":\"url.Parse valid\u00f3 insuficientemente el componente de host/autoridad y acept\u00f3 algunas URL inv\u00e1lidas.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"net/url\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"net/url\",\"programRoutines\":[{\"name\":\"parseHost\"},{\"name\":\"JoinPath\"},{\"name\":\"Parse\"},{\"name\":\"ParseRequestURI\"},{\"name\":\"URL.Parse\"},{\"name\":\"URL.UnmarshalBinary\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.25.8\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.26.0-0\",\"lessThan\":\"1.26.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6 for RHEL 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el10\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Server (v. 7 ELS)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_els:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.12::el8\",\"cpe:/a:redhat:openshift:4.12::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.13::el8\",\"cpe:/a:redhat:openshift:4.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.14::el8\",\"cpe:/a:redhat:openshift:4.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.16::el8\",\"cpe:/a:redhat:openshift:4.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.18::el8\",\"cpe:/a:redhat:openshift:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.16 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.16::el8\",\"cpe:/a:redhat:satellite_capsule:6.16::el8\",\"cpe:/a:redhat:satellite_maintenance:6.16::el8\",\"cpe:/a:redhat:satellite_utils:6.16::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\",\"cpe:/a:redhat:openstack:17.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.16 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.16::el9\",\"cpe:/a:redhat:satellite_capsule:6.16::el9\",\"cpe:/a:redhat:satellite_maintenance:6.16::el9\",\"cpe:/a:redhat:satellite_utils:6.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.19 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.19::el9\",\"cpe:/a:redhat:satellite_capsule:6.19::el9\",\"cpe:/a:redhat:satellite_maintenance:6.19::el9\",\"cpe:/a:redhat:satellite_utils:6.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\",\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v. 8.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v.8.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream TUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_tus:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:8.8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream TUS (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_tus:8.8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\",\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Custom Metric Autoscaler 2.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"DevWorkspace Operator 0.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:devworkspace:0.40::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.3.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.4.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.5.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Network Observability (NETOBSERV) 1.11.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:network_observ_optr:1.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Compliance Operator 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift File Integrity Operator - FIO 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_file_integrity_operator:1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.8::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Lightspeed (formerly Insights) for Runtimes 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.25\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.25::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.6.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.7.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.20\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.27\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3.9.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:stf:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Services on OpenShift 18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.12::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.14::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.15::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Update Infrastructure 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhui:5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.12::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"mirror registry for Red Hat OpenShift 2.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:mirror_registry:2.0::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Deployment Validation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:deployment_validator_operator\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"ExternalDNS Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ext_dns_optr:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Fence Agents Remediation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_far:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Gatekeeper 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:gatekeeper:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logical Volume Manager Storage\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lvms:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Machine Deletion Remediation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_mdr:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhmt:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"mirror registry for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:mirror_registry:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Developer Tools and Services\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ocp_tools\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat 3scale API Management Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:red_hat_3scale_amp:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Certification Program for Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:certifications:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Connectivity Link 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:connectivity_link:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Cluster Manager CLI\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Security Profiles Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_security_profiles_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Applications 8\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_applications:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Node HealthCheck Operator\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_nhc:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Power monitoring for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_power_monitoring\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Clients\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:amq_clients:2023\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel - HawtIO 4\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-10T13:36:26.554241Z\",\"id\":\"CVE-2026-25679\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-425\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1286\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.25.8\",\"matchCriteriaId\":\"2D293CC0-B163-4E62-B985-52FB6ECA64C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:1.26.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A40FE3CB-0D03-462B-8A19-4DF1920ABE82\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/752180\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://go.dev/issue/77578\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk\",\"source\":\"security@golang.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4601\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10065\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10125\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10133\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10140\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10141\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10158\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10169\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10175\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10184\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10225\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10250\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10701\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10712\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10929\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11217\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11412\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11413\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11686\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11688\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11747\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11749\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11768\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11800\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11856\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11916\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11996\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12028\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12029\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12030\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12031\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12032\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12033\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12282\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13508\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13512\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13545\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13642\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13643\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13671\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13791\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13829\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14020\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14100\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14774\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14868\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14879\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:15091\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16102\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16696\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16874\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16875\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17040\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17084\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17287\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17598\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19022\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19026\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19027\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19031\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19032\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19049\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19055\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19126\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19128\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19132\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19133\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19135\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19181\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19184\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19185\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19207\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19350\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19353\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19475\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19634\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19719\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19720\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19721\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19750\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20041\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20088\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20581\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20582\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20584\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20889\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21655\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21657\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21691\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21696\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21769\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22347\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22423\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22450\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22627\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22714\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22733\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22862\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22937\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23228\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23345\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24386\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24853\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25043\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25127\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25180\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25248\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25250\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25251\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25252\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25253\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26445\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26527\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26541\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26568\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26585\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26636\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:27076\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28047\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28441\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28886\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28893\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29035\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29195\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29455\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29702\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29703\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:29854\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:33722\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34365\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5110\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5549\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5941\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5942\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5943\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5944\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6341\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6344\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6382\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6383\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6388\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6564\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6720\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6802\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6949\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7005\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7009\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7011\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7259\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7291\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7315\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7328\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7385\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7665\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7669\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7674\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7833\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7834\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7876\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7877\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7878\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7879\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7883\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7992\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8151\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8167\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8314\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8322\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8324\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8337\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8338\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8433\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8434\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8456\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8483\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8484\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8490\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8491\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8493\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8840\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8841\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8842\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8845\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8847\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8848\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8849\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8851\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8852\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8853\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8855\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8856\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8860\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8877\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8878\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8879\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8881\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8882\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8930\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8931\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8949\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9043\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9044\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9052\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9090\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9093\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9094\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9097\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9098\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9108\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9109\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9385\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9434\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9435\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9436\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9439\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9440\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9448\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9453\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9461\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9695\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9742\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9872\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-25679\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2445356\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25679.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"net/url: Incorrect parsing of IPv6 host literals in net/url\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el10\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6 for RHEL 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Server (v. 7 ELS)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.12::el8\", \"cpe:/a:redhat:openshift:4.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el8\", \"cpe:/a:redhat:openshift:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el8\", \"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el8\", \"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el8\", \"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el8\", \"cpe:/a:redhat:satellite_capsule:6.16::el8\", \"cpe:/a:redhat:satellite_maintenance:6.16::el8\", \"cpe:/a:redhat:satellite_utils:6.16::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4 on RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\", \"cpe:/a:redhat:openstack:17.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.16::el9\", \"cpe:/a:redhat:satellite_capsule:6.16::el9\", \"cpe:/a:redhat:satellite_maintenance:6.16::el9\", \"cpe:/a:redhat:satellite_utils:6.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.16 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.19::el9\", \"cpe:/a:redhat:satellite_capsule:6.19::el9\", \"cpe:/a:redhat:satellite_maintenance:6.19::el9\", \"cpe:/a:redhat:satellite_utils:6.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.19 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\", \"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v. 8.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream TUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream TUS (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\", \"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler 2.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace:0.40::el9\"], \"vendor\": \"Red Hat\", \"product\": \"DevWorkspace Operator 0.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.3.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.4.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.5.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:network_observ_optr:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Network Observability (NETOBSERV) 1.11.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection 1.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Compliance Operator 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_file_integrity_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift File Integrity Operator - FIO 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.8::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Lightspeed (formerly Insights) for Runtimes 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.25::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.25\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.6.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.7.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.27\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.9.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:stf:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Services on OpenShift 18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.12::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.14::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.15::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer 1.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhui:5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Update Infrastructure 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.11\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:mirror_registry:2.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"mirror registry for Red Hat OpenShift 2.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:deployment_validator_operator\"], \"vendor\": \"Red Hat\", \"product\": \"Deployment Validation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ext_dns_optr:1\"], \"vendor\": \"Red Hat\", \"product\": \"ExternalDNS Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_far:0\"], \"vendor\": \"Red Hat\", \"product\": \"Fence Agents Remediation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:gatekeeper:3\"], \"vendor\": \"Red Hat\", \"product\": \"Gatekeeper 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:5\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lvms:4\"], \"vendor\": \"Red Hat\", \"product\": \"Logical Volume Manager Storage\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_mdr:0\"], \"vendor\": \"Red Hat\", \"product\": \"Machine Deletion Remediation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhmt:1\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:mirror_registry:1\"], \"vendor\": \"Red Hat\", \"product\": \"mirror registry for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ocp_tools\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Developer Tools and Services\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_lightspeed\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Lightspeed\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_3scale_amp:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat 3scale API Management Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:certifications:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Certification Program for Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:connectivity_link:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Connectivity Link 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Cluster Manager CLI\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_service_on_aws:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift on AWS\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_security_profiles_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"Security Profiles Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:migration_toolkit_applications:8\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Applications 8\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_nhc:0\"], \"vendor\": \"Red Hat\", \"product\": \"Node HealthCheck Operator\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_power_monitoring\"], \"vendor\": \"Red Hat\", \"product\": \"Power monitoring for Red Hat OpenShift\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_clients:2023\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Clients\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel - HawtIO 4\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-03-06T22:02:11.567Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-03-06T21:28:14.211Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:13508: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8855: Red Hat Enterprise Linux Server (v. 7 ELS)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13512: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26527: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26541: Red Hat OpenShift Container Platform 4.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28886: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25043: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21655: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25180: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:27076: Red Hat Satellite 6.16 for RHEL 8, Red Hat Satellite 6.16 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6341: Cryostat 4 on RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28047: Red Hat OpenStack Platform 17.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34365: Red Hat Satellite 6.19 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14868: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8314: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9435: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8856: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5943: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10133: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8849: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8931: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19719: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19750: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17040: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7328: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10929: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16696: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11375: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10701: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8842: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7005: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8840: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5941: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7992: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6344: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6388: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13642: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13643: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7669: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10169: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11413: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11412: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19032: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29195: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19133: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19022: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19027: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19026: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22937: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19049: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19135: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22450: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19017: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24386: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19055: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19132: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19031: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29035: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19126: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19128: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:33722: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6949: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16875: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7011: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7009: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8456: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7674: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7878: Red Hat Enterprise Linux AppStream AUS (v. 8.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8853: Red Hat Enterprise Linux AppStream AUS (v. 8.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7879: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20581: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9043: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9094: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8434: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7876: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20582: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8860: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9093: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8851: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7877: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20584: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8877: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8878: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9695: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16102: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9436: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7883: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8881: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8949: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8852: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25252: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25251: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9434: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7833: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8879: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9090: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25248: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8322: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25253: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25250: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22733: Red Hat Enterprise Linux AppStream E4S (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12030: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12032: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10712: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7834: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8930: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8882: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12033: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19721: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12028: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8324: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12031: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12029: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11749: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9109: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9439: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8848: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5944: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8847: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8845: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9108: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19720: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19475: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17287: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7665: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9097: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9098: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7259: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8841: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5942: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6382: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6383: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13671: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9044: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7315: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29455: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29703: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19350: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19181: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19185: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19184: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23228: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19353: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22714: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26445: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19207: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29702: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26636: Custom Metric Autoscaler 2.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9872: DevWorkspace Operator 0.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26585: Logging Subsystem for Red Hat OpenShift 6.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11800: Logging Subsystem for Red Hat OpenShift 6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22862: Logging Subsystem for Red Hat OpenShift 6.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22423: Multicluster Global Hub 1.3.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22347: Multicluster Global Hub 1.4.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5110: Multicluster Global Hub 1.5.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21769: Multicluster Global Hub 1.5.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23345: Multicluster Global Hub 1.6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16874: Network Observability (NETOBSERV) 1.11.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:29854: OpenShift API for Data Protection 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26568: OpenShift API for Data Protection 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8433: OpenShift Compliance Operator 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22627: OpenShift File Integrity Operator - FIO 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8151: Red Hat Advanced Cluster Management for Kubernetes 2.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13829: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20889: Red Hat Advanced Cluster Security for Kubernetes 4.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11217: Red Hat Advanced Cluster Security for Kubernetes 4.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13791: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13545: Red Hat Ansible Automation Platform 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9742: Red Hat Developer Hub 1.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6802: Red Hat Developer Hub 1.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10140: Red Hat Enterprise Linux AI 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10141: Red Hat Enterprise Linux AI 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7385: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7291: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9052: Red Hat Lightspeed (formerly Insights) for Runtimes 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10184: Red Hat OpenShift AI 2.25\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5549: Red Hat OpenShift Builds 1.6.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10158: Red Hat OpenShift Builds 1.7.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12282: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21696: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14100: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21691: Red Hat OpenShift Container Platform 4.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:15091: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28893: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14774: Red Hat OpenShift Container Platform 4.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20088: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17598: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21657: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6564: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11688: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8483: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11686: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9440: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8484: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9448: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8490: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9453: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8491: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9461: Red Hat OpenShift Service Mesh 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8493: Red Hat OpenShift Service Mesh 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9385: Red Hat OpenShift distributed tracing 3.9.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14020: Red Hat OpenStack 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11747: Red Hat OpenStack Services on OpenShift 18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11916: Red Hat Quay 3.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6720: Red Hat Quay 3.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11856: Red Hat Quay 3.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21017: Red Hat Quay 3.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24853: Red Hat Quay 3.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19375: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11996: Red Hat Quay 3.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14879: Red Hat Satellite 6.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10125: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10065: Red Hat Update Infrastructure 5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11768: Red Hat Update Infrastructure 5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10250: Red Hat Web Terminal 1.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10225: Red Hat Web Terminal 1.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8338: Red Hat Web Terminal 1.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8337: Red Hat Web Terminal 1.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8167: Red Hat Web Terminal 1.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-03-06T21:28:14.211Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-25679\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2445356\", \"name\": \"RHBZ#2445356\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-25679.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13508\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8855\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13512\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26527\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26541\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28886\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25043\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21655\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25180\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:27076\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6341\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28047\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34365\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14868\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8314\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9435\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8856\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5943\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10133\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8849\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8931\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17084\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19719\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19750\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17040\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7328\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10929\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16696\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11375\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10701\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8842\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7005\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8840\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5941\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7992\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6344\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6388\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13642\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13643\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7669\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10169\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11413\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11412\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19032\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29195\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19133\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19022\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19027\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19026\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22937\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19049\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19135\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22450\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19017\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24386\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19055\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19132\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19031\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29035\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19126\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19128\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:33722\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6949\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16875\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7011\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7009\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8456\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7674\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7878\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8853\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7879\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20581\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9043\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9094\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8434\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19634\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7876\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20582\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8860\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9093\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8851\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7877\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20584\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8877\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8878\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9695\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16102\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9436\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7883\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8881\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8949\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8852\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25252\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25251\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9434\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7833\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8879\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9090\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25248\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8322\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25253\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25250\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22733\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12030\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12032\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10712\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7834\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8930\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8882\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12033\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19721\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12028\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8324\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12031\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12029\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11749\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9109\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9439\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8848\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5944\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8847\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8845\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9108\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19475\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17287\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7665\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9097\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9098\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7259\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8841\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5942\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6382\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6383\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13671\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9044\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7315\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29455\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29703\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19350\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19181\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19185\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19184\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23228\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19353\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22714\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26445\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19207\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29702\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26636\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9872\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26585\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11800\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22862\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22423\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22347\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5110\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21769\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23345\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16874\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:29854\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26568\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8433\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22627\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25127\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8151\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13829\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20889\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11217\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13791\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13545\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9742\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6802\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10140\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10141\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7385\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7291\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9052\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10184\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5549\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10158\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12282\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21696\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14100\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21691\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:15091\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28893\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14774\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20088\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17598\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21657\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20041\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6564\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11688\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8483\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11686\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9440\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8484\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9448\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8490\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9453\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8491\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9461\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8493\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9385\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14020\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11747\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11916\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6720\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11856\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21017\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24853\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19375\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11996\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14879\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10125\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10065\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11768\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10250\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10225\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8167\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28441\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1286\", \"description\": \"Improper Validation of Syntactic Correctness of Input\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-02T12:04:52.558Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-25679\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-10T13:36:26.554241Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-10T13:36:57.330Z\"}}], \"cna\": {\"title\": \"Incorrect parsing of IPv6 host literals in net/url\", \"credits\": [{\"lang\": \"en\", \"value\": \"Masaki Hara (https://github.com/qnighy) of Wantedly\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/url\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.25.8\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.26.0-0\", \"lessThan\": \"1.26.1\", \"versionType\": \"semver\"}], \"packageName\": \"net/url\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"parseHost\"}, {\"name\": \"JoinPath\"}, {\"name\": \"Parse\"}, {\"name\": \"ParseRequestURI\"}, {\"name\": \"URL.Parse\"}, {\"name\": \"URL.UnmarshalBinary\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/752180\"}, {\"url\": \"https://go.dev/issue/77578\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4601\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-1286: Improper Validation of Syntactic Correctness of Input\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-03-06T21:28:14.211Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-25679\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-02T12:04:52.558Z\", \"dateReserved\": \"2026-02-05T01:33:41.943Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-03-06T21:28:14.211Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:9439
Vulnerability from csaf_redhat - Published: 2026-04-21 17:53 - Updated: 2026-07-03 00:52The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for git-lfs is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server.\n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9439",
"url": "https://access.redhat.com/errata/RHSA-2026:9439"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9439.json"
}
],
"title": "Red Hat Security Advisory: git-lfs security update",
"tracking": {
"current_release_date": "2026-07-03T00:52:34+00:00",
"generator": {
"date": "2026-07-03T00:52:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9439",
"initial_release_date": "2026-04-21T17:53:20+00:00",
"revision_history": [
{
"date": "2026-04-21T17:53:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-21T17:53:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T00:52:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-2.el9_6.3.src",
"product": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.src",
"product_id": "git-lfs-0:3.6.1-2.el9_6.3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-2.el9_6.3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"product": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"product_id": "git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-2.el9_6.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"product_id": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-2.el9_6.3?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"product_id": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-2.el9_6.3?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"product": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"product_id": "git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-2.el9_6.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"product_id": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-2.el9_6.3?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"product_id": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-2.el9_6.3?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"product": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"product_id": "git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-2.el9_6.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64",
"product_id": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-2.el9_6.3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"product_id": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-2.el9_6.3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "git-lfs-0:3.6.1-2.el9_6.3.s390x",
"product": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.s390x",
"product_id": "git-lfs-0:3.6.1-2.el9_6.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs@3.6.1-2.el9_6.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"product": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"product_id": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debugsource@3.6.1-2.el9_6.3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"product": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"product_id": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/git-lfs-debuginfo@3.6.1-2.el9_6.3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.aarch64"
},
"product_reference": "git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.ppc64le"
},
"product_reference": "git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.s390x"
},
"product_reference": "git-lfs-0:3.6.1-2.el9_6.3.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.src"
},
"product_reference": "git-lfs-0:3.6.1-2.el9_6.3.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-0:3.6.1-2.el9_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.x86_64"
},
"product_reference": "git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64"
},
"product_reference": "git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64"
},
"product_reference": "git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.src",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:53:20+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.src",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9439"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.src",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.src",
"AppStream-9.6.0.Z.EUS:git-lfs-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debuginfo-0:3.6.1-2.el9_6.3.x86_64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.aarch64",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.ppc64le",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.s390x",
"AppStream-9.6.0.Z.EUS:git-lfs-debugsource-0:3.6.1-2.el9_6.3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:9440
Vulnerability from csaf_redhat - Published: 2026-04-21 17:12 - Updated: 2026-07-03 06:29The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64 | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64 | — |
Workaround
|
A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64 | — |
Workaround
|
A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.0.10\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.0.10, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nFixes/Improvements:\n\nSecurity Fix(es):\n\n* istio-rhel9-operator: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-cni-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-pilot-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n\n* istio-proxyv2-rhel9: BuildKit: Arbitrary file write and code execution via untrusted frontend (CVE-2026-33747)\n\n* istio-proxyv2-rhel9: BuildKit: Unauthorized file access via Git URL fragment subdir components (CVE-2026-33748)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9440",
"url": "https://access.redhat.com/errata/RHSA-2026:9440"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33747",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33748",
"url": "https://access.redhat.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-25679",
"url": "https://access.redhat.com/security/cve/cve-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33186",
"url": "https://access.redhat.com/security/cve/cve-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33747",
"url": "https://access.redhat.com/security/cve/cve-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33748",
"url": "https://access.redhat.com/security/cve/cve-2026-33748"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9440.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.10",
"tracking": {
"current_release_date": "2026-07-03T06:29:45+00:00",
"generator": {
"date": "2026-07-03T06:29:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9440",
"initial_release_date": "2026-04-21T17:12:20+00:00",
"revision_history": [
{
"date": "2026-04-21T17:12:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-21T17:12:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T06:29:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.0",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3Ac09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776442219"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Abf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181080"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181079"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776180733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ab00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181166"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776240392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta\u0026tag=1776181708"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181080"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181079"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ab4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776180733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181166"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Aa2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776240392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta\u0026tag=1776181708"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181080"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181079"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Aaea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776180733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ae86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181166"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Ae33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776240392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta\u0026tag=1776181708"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181080"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181079"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ad37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776180733"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ab383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776181166"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776240392"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-dev-preview-beta\u0026tag=1776181708"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64 as a component of Red Hat OpenShift Service Mesh 3.0",
"product_id": "Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:12:20+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9440"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:12:20+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9440"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33747",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T02:01:29.921765+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452076"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "RHBZ#2452076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452076"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33747",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33747"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj"
}
],
"release_date": "2026-03-27T00:49:06.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:12:20+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9440"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid using untrusted BuildKit frontends. Restrict the use of custom BuildKit frontends to only those from verified and trusted sources. Do not specify untrusted frontends via `#syntax` or `--build-arg BUILDKIT_SYNTAX`.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend"
},
{
"cve": "CVE-2026-33748",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T15:02:00.107493+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452271"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "RHBZ#2452271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33748",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748"
},
{
"category": "external",
"summary": "https://docs.docker.com/build/concepts/context/#url-fragments",
"url": "https://docs.docker.com/build/concepts/context/#url-fragments"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg"
}
],
"release_date": "2026-03-27T14:00:21.200000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:12:20+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.0.10 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.0",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9440"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:3c8a43dac72fcb80665579849150ce601046fbcf6c2306583b0490605115ac0f_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:693b5c635be68ad83f43140b36603d99a20c879bf345d12a44890b45bcd07b01_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:734219183920ce01e754291dd7611715a69a9403f9633b3400755786fcc275cd_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9@sha256:8cbf69617323c8c5a34eb52591608ec28f43de129ed6140baf3f9a9a7fa483f8_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1fd5ff140d8d559cfd3c5ba85036579e0e72fa4ce7125e16c1ea24d70e94ff86_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:46e186d49081b64a4291e49e5f2acd77184699b66cdc08acdbb7e82c259b2b74_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:86787f164505d6ef3917997ad7a424d65da313fe50f0f952f13f55ce9d798b99_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:bf1d68837cdb05f9c95e3c42692cc9e83fd4a0c5ac3dc7da3ffae49626502a9c_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2a6694107707703209034473f159ab1f7e22106c7d1e1d722f373627dd9d7c47_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5faebff2c06c92bbff9453f577c9b6c259e5365fb4f452f630c592e7a06673a2_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:8bec8dff7483dcb749deca1d7df6042b94d2a84abed4cf82e69230a8c28c59ca_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:9fa72261b4c4a178430ab10cecb79e1c9599740c3fc06192014245b1db1edffc_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:66d3a47929e31772f8cde153eb0523fb0f1696547ab2dbe98b30a453306b8adc_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b00869deda7269236cb315b95c8abf4930b97995dcac9212a99b561251a401a9_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b383628612ef6aff4328bd880b2400fd4011b53a1429a2ffacfc4d15f515d634_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e86ddb9ffc3b50dc508f5eae310bcf1e7c994e7dbe3d538baebc1dc41316722d_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3113f8ef93a2abecad7ad6bd44d800c9c2735888b93f7a9b713ee93669fc3802_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5f9b2a458158fbf02a611d8d2822c6425d186ce4cd73c091a097a3c0218f18ff_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2650c47f50206054063e8a62a8073d29a29808b21c2ab3d9964bd70995ff6eb_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:e33cee7e3c778713dd44e3109609155061de98b83fbb91a89182179163ec05d4_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:5931cffa333330d80fa57431080621e8f39cdb9257201fad7d56da31b01c569f_amd64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:aea2066308c02465b7d1edc6afd52d3b6c37a92d1ca38e929a7354be2bb36493_ppc64le",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:b4339c9932dc7d84ce95f6b84a70f428f5f8da03e607f19602da5f83b6cacf1b_arm64",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:d37b966d871535c9277cda4c8aef1d9306b4f47f38043718ab4f13ccebbebc6b_s390x",
"Red Hat OpenShift Service Mesh 3.0:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:c09e38353c9125431890b9cbd0be760b8b6c3d1faf6bb515e20c2c414dd70f2d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components"
}
]
}
RHSA-2026:9448
Vulnerability from csaf_redhat - Published: 2026-04-21 17:23 - Updated: 2026-07-03 06:49The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64 | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64 | — |
Workaround
|
A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64 | — |
Workaround
|
A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64 | — |
Workaround
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.1.7\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.1.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nFixes/Improvements:\n\nSecurity Fix(es):\n\n* istio-rhel9-operator: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-cni-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-pilot-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n\n* istio-proxyv2-rhel9: BuildKit: Arbitrary file write and code execution via untrusted frontend (CVE-2026-33747)\n\n* istio-proxyv2-rhel9: BuildKit: Unauthorized file access via Git URL fragment subdir components (CVE-2026-33748)\n\n* istio-cni-rhel9: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\n* istio-pilot-rhel9: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\nBug Fix(es):\n\n* OSSM operator metrics reader ClusterRole conflicts with other operators (OSSM-13106)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9448",
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33747",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33748",
"url": "https://access.redhat.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-25679",
"url": "https://access.redhat.com/security/cve/cve-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33186",
"url": "https://access.redhat.com/security/cve/cve-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33747",
"url": "https://access.redhat.com/security/cve/cve-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33748",
"url": "https://access.redhat.com/security/cve/cve-2026-33748"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-34986",
"url": "https://access.redhat.com/security/cve/cve-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9448.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.1.7",
"tracking": {
"current_release_date": "2026-07-03T06:49:32+00:00",
"generator": {
"date": "2026-07-03T06:49:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9448",
"initial_release_date": "2026-04-21T17:23:46+00:00",
"revision_history": [
{
"date": "2026-04-21T17:23:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-21T17:23:52+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T06:49:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.1",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776677125"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238635"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776412783"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232570"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ae496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776256858"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776315466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1776177800"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238635"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776412783"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Abfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232570"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776256858"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776315466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1776177800"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238635"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776412783"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232570"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Aa55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776256858"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776315466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1776177800"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238635"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776412783"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232570"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776256858"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776315466"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh-tech-preview\u0026tag=1776177800"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64 as a component of Red Hat OpenShift Service Mesh 3.1",
"product_id": "Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:23:46+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:23:46+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33747",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T02:01:29.921765+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452076"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "RHBZ#2452076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452076"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33747",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33747"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj"
}
],
"release_date": "2026-03-27T00:49:06.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:23:46+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid using untrusted BuildKit frontends. Restrict the use of custom BuildKit frontends to only those from verified and trusted sources. Do not specify untrusted frontends via `#syntax` or `--build-arg BUILDKIT_SYNTAX`.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend"
},
{
"cve": "CVE-2026-33748",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T15:02:00.107493+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452271"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "RHBZ#2452271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33748",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748"
},
{
"category": "external",
"summary": "https://docs.docker.com/build/concepts/context/#url-fragments",
"url": "https://docs.docker.com/build/concepts/context/#url-fragments"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg"
}
],
"release_date": "2026-03-27T14:00:21.200000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:23:46+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:23:46+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.1.7 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.1",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9448"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:1a1a9cf19de45b8920e70d8123da7f1e7b2568fe356d98203dc0053cee541339_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:46f11470d7627e5a74663770efb3e8118910f5e2f84a1191f6b14805efc10c73_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:883910879ec4940cd9221bd64fbfa392d1ca28503f4e63277169441cb0addeae_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh-tech-preview/istio-ztunnel-rhel9@sha256:8e5be961ce5b17d43e49ad3a0bd5339af75f19d46d11881423c1e86b8bc45a0c_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:0f0dfc2423b897ec2b43dc9fff794690809d845f065c7ae4635191348f4af1d2_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:2040cfbc531f36c1a8387e41911e3e9d26f53a4ef4a24bc712cbe7f33264f356_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:3ba4910ac8b0bed39310344d4cfa21c645922f80cd287b7f66f4b2873871a26a_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:65368e8e6648247d5efe4edb74085384e833d7cac67c93518f3a6efc059fafbd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:18dc040c6df63b00dbb419895f754d4d728122cf8e245d40cfd9d1f625609bfc_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:4d4ba0754e38ed8824e2a4c1c0e9f603b55650366883339acb67efdbcefae8e0_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5aee5dd20238fc15d863e2b700f4b510a758d6fcb696b384bcb7aa0854061428_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:629b6b3147b374e2ee5398b4778ef13d7377bc617391df92e0e7b19a4194a6aa_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:702f60c7aa0927bf2b8a4e2077d972222a0fe13b06a6afd5ce6d3e518cae42a5_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7bc9ffa1c1d9895be132f424d80643bc804a4e99d886762ed16bc8c3d2121c74_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:a55d6fe6d7d1d94134e35aa47f3578348b8f0185b7f2c51a69aecb6b8eb2e976_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e496840d6cf9f281ba71596f477044f370530f37cc5a694d7d538eb37b4f903a_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:321be87a16bb3b4564223709a86bf2d00c831a249de86d48e03855855776d250_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:5d1dda2038649d6dcae41d9ef83d0391cdb7499bb6ebedf8453d197fb06ce055_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7055e7c41cc056bfb96e5b429a78e27e7a7584d97f26eec6601cad5eca403cc9_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7c918bae6c51890395296e41239ae3101226595d07b880aefd02e765119dbffb_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:149448cd15ef98964551a2527d3287851e3e7726a64e10f94b846a41ed756766_amd64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:2fc0af6b178529161647bc102dd8c762dd850b2598296bf7b045e6b1e31b6606_s390x",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8f18db5e45ba3934b5878c824cd38ffe989fedad1d28c7d1b39e472f4c0fb43a_ppc64le",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:bfd02648a63140c8f810011cbc3f345e0e883a6c3893bb785319fd74871b9ccd_arm64",
"Red Hat OpenShift Service Mesh 3.1:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:2f1655b06910cc596ef10f55ad2d34882b82e30b4c6c1a2456bc25cf6e4928c5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:9453
Vulnerability from csaf_redhat - Published: 2026-04-21 17:29 - Updated: 2026-07-03 06:49The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64 | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64 | — |
Workaround
|
A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64 | — |
Workaround
|
A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64 | — |
Workaround
|
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.2.4\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.2.4, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nFixes/Improvements:\n\nSecurity Fix(es):\n\n* istio-rhel9-operator: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-cni-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-pilot-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation (CVE-2026-33186)\n\n* istio-proxyv2-rhel9: BuildKit: Arbitrary file write and code execution via untrusted frontend (CVE-2026-33747)\n\n* istio-proxyv2-rhel9: BuildKit: Unauthorized file access via Git URL fragment subdir components (CVE-2026-33748)\n\n* istio-cni-rhel9: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\n* istio-pilot-rhel9: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object (CVE-2026-34986)\n\nBug Fix(es):\n\n* Ztunnel default value in operator contains older istio version (OSSM-13103)\n\n* OSSM operator metrics reader ClusterRole conflicts with other operators (OSSM-13106)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9453",
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33747",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33748",
"url": "https://access.redhat.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-25679",
"url": "https://access.redhat.com/security/cve/cve-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33186",
"url": "https://access.redhat.com/security/cve/cve-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33747",
"url": "https://access.redhat.com/security/cve/cve-2026-33747"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-33748",
"url": "https://access.redhat.com/security/cve/cve-2026-33748"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-34986",
"url": "https://access.redhat.com/security/cve/cve-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9453.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.4",
"tracking": {
"current_release_date": "2026-07-03T06:49:32+00:00",
"generator": {
"date": "2026-07-03T06:49:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9453",
"initial_release_date": "2026-04-21T17:29:36+00:00",
"revision_history": [
{
"date": "2026-04-21T17:29:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-21T17:29:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T06:49:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.2",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.2::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776677282"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238602"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Af62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776291540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3Acf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232170"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238602"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Adfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776291540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232170"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238602"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776291540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232170"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178280"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ac592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776238602"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232405"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776178059"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Aa2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776291540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232170"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64 as a component of Red Hat OpenShift Service Mesh 3.2",
"product_id": "Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:29:36+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:29:36+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33747",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T02:01:29.921765+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452076"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit, a toolkit for converting source code to build artifacts. An untrusted BuildKit frontend can be leveraged to craft a malicious API message, allowing files to be written outside of the designated BuildKit state directory. This vulnerability, which is a form of arbitrary file write, could enable an attacker to execute unauthorized code or escalate their privileges on the system. This issue arises when custom BuildKit frontends are used with specific configuration options.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33747"
},
{
"category": "external",
"summary": "RHBZ#2452076",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452076"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33747",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33747"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33747"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4c29-8rgm-jvjj"
}
],
"release_date": "2026-03-27T00:49:06.165000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:29:36+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, avoid using untrusted BuildKit frontends. Restrict the use of custom BuildKit frontends to only those from verified and trusted sources. Do not specify untrusted frontends via `#syntax` or `--build-arg BUILDKIT_SYNTAX`.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "BuildKit: github.com/moby/buildkit: BuildKit: Arbitrary file write and code execution via untrusted frontend"
},
{
"cve": "CVE-2026-33748",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-03-27T15:02:00.107493+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452271"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in BuildKit. Insufficient validation of Git URL fragment subdirectory components may allow a remote attacker to access files outside the checked-out Git repository root. This access is limited to files on the same mounted filesystem. This vulnerability could lead to unauthorized information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33748"
},
{
"category": "external",
"summary": "RHBZ#2452271",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452271"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33748",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33748"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33748"
},
{
"category": "external",
"summary": "https://docs.docker.com/build/concepts/context/#url-fragments",
"url": "https://docs.docker.com/build/concepts/context/#url-fragments"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/releases/tag/v0.28.1",
"url": "https://github.com/moby/buildkit/releases/tag/v0.28.1"
},
{
"category": "external",
"summary": "https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg",
"url": "https://github.com/moby/buildkit/security/advisories/GHSA-4vrq-3vrq-g6gg"
}
],
"release_date": "2026-03-27T14:00:21.200000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:29:36+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/moby/buildkit: BuildKit: Unauthorized file access via Git URL fragment subdir components"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:29:36+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.2.4 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.2",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9453"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:1aa2834ce676ef21f5a67e3144fe62677d9bf7b57a9401d74fab7cf569da9911_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4d39ae3b09ef2ee139705831bff3f9070d2590d59887a488bfdbb36b590dec13_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4f5e7e28f111429e2c9376ac5f42d717f13eea1c3a80357fe001a9caf5c25fba_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:727908a49c6edf57609ac8a75d5aab182a79530e88819ea8a1df8a9610826c02_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:284458d236e45ffa8a865917bf6253764dbe0f6602173ba3f6733b0a40c5a741_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2b6f5aa276fe5848c6f377c51be574045b04ea784374bcb54e496f2a297f02b0_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5b95c5cfc63958a16f3b30a42f16b9ff26b2f2c9f8e3c539fcec75b721edfb88_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:c592a7d2b6b5997972ed7a2deda29c5e9bb03c2b28e42d1f6f57ae1639629c11_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:193b36cc5bc389b68c6e8080e1d47c3860aab22f7a4ee262c90b864967e23a97_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:31e020f606b687b82712fe32823a392ed1abcc9563845ea81fbfce616b99e6b1_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:7e688abcea40cae3f552b2dc5abf0da092e8a0d7a3f04f3cb5d15c5b4fb1a1f2_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:8111afc971379ee93fef9ebddfccf75102309c134d25f9d6d3de46f59e809001_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:3e210dcd0cab9c18bc0629a3a20b27e75bc09c09decbfcc9f6ab69f7c29670e1_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:9d1e9ff2ab9a3f84328cdbe49d4263d34e9ef1ef14d689a32d87534d7631cb0d_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a2904680a45ff398adce27c1cbc539bf08e7f53aa64fadf0d6db74f1296421ad_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f62ae2005f3c153975695253d786a00a1a5827b92f96328a0be425fdd4125e69_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3f1d2206dea7630015fac80f8b8c6f7a6a1e1c17e477d1d54db4690b4453e6a0_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:6015e887371eed1bd162363ebd16ca4f20bd8077df166b455685579e808a9292_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:87953048140227569e7028187ed92cc0960bbc055d62a6755c5a1fdcf10510ec_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:dfb94112b66ce7fe56a642371749bf87e979b0136652328b124cc384818ef6c3_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:615f4ab167e82d54f5cd9bea15e0673293ec42bf19cfa0ccc15eb1d20b7db18a_amd64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:56140955dffe7c205dc944835637f83f04c5a82ba6f192dcfb034aa9cf800f8f_arm64",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:62b18afbdedf572866fd0dca6aa9e2426608d0b1cf011acef9f9044f4fbe4711_ppc64le",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:74b244e23b80d7996138a01814de1cb9d679ce7ed4156b5521fd76efc1bb5db5_s390x",
"Red Hat OpenShift Service Mesh 3.2:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:cf5b5c9c6ba78281d0080d426f71c5b7b3e2b46db3644d153862268c0b4bf538_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:9461
Vulnerability from csaf_redhat - Published: 2026-04-21 17:38 - Updated: 2026-07-03 00:52The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh 3.3.2\n\nThis update has a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh 3.3.2, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application.\n\nFixes/Improvements:\n\nSecurity Fix(es):\n\n* istio-rhel9-operator: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-cni-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-pilot-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* istio-proxyv2-rhel9: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\nBug Fix(es):\n\n* Ztunnel default value in operator contains older istio version (OSSM-13103)\n\n* OSSM operator metrics reader ClusterRole conflicts with other operators (OSSM-13106)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9461",
"url": "https://access.redhat.com/errata/RHSA-2026:9461"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/cve-2026-25679",
"url": "https://access.redhat.com/security/cve/cve-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification",
"url": "https://access.redhat.com/security/updates/classification"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9461.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.3.2",
"tracking": {
"current_release_date": "2026-07-03T00:52:35+00:00",
"generator": {
"date": "2026-07-03T00:52:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9461",
"initial_release_date": "2026-04-21T17:38:07+00:00",
"revision_history": [
{
"date": "2026-04-21T17:38:07+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-21T17:38:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T00:52:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Service Mesh 3.3",
"product": {
"name": "Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:3.3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-sail-operator-bundle@sha256%3A7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776442424"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233000"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776141540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776419718"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ab563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Aa56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776293296"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232457"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3Af420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233000"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776141540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3Ade3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776419718"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3A0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776293296"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232457"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233000"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3Ad3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776141540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776419718"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Acbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3A654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776293296"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232457"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel9@sha256%3A502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233000"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel9@sha256%3A03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776141540"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel9-operator@sha256%3A8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776419718"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-pilot-rhel9@sha256%3Ae7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776233016"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-proxyv2-rhel9@sha256%3Af45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776293296"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"product": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"product_id": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-ztunnel-rhel9@sha256%3A35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh\u0026tag=1776232457"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64 as a component of Red Hat OpenShift Service Mesh 3.3",
"product_id": "Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64"
},
"product_reference": "registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64",
"relates_to_product_reference": "Red Hat OpenShift Service Mesh 3.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-21T17:38:07+00:00",
"details": "See Red Hat OpenShift Service Mesh 3.3.2 documentation at https://docs.redhat.com/en/documentation/red_hat_openshift_service_mesh/3.3",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9461"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:4aa8fcf79e1ce68c7d34926263ff9ae52c29877554a4c3de93d8ac02b0988af6_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:502d8f43bf950f39495738a03048c46efbe5790c6eddec7fc0e1f7d3cf016922_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:96df77ab3e0cd987687782fbcd175d491f589189e01d68fef8cfed37ae240e48_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-cni-rhel9@sha256:f420d1d2f9b79a62b228035108608f0d4f7366d2d1406bd0411be658af2ea909_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:03df0ef1d06c34565f90c87fb0cb05fc5fd0938df5cb696f43d8f86e065b0ac4_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:2e460362e4f7ffa961cb5da2b80a94c88e99d36da97e6e14c944d306b4d707f8_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:5dd40f7513ab3dfa96f1fee418cfdc9fc4b49dfa845963494cf61b9d8997d35b_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel9@sha256:d3211fd66831bc105da8a0d004c2fc48e09d867f705e6de1ff061e935298ea7a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:0c7b68a6a861cdc41e7bb775082158c9f6ee7bddee9b74eefb20893757d987ef_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:b563447995234c60a4047a1b4df572048456b5220b516f3dab1cac1acfb3625f_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:cbe68a0b4b31a36221365d817f8a58372136c1f8821605435b33948e71241502_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-pilot-rhel9@sha256:e7ae23e4c782b7634acbbb9593cf383840094d06b651cbfc9e93faf8f9ced1e2_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:654fe336492b1ffc23570610b598c93fcd37dca9892ea9156e3c57576041f87a_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:7111cdde23558876b6846e9a60cff6609b716d0f69b42625c6e4e94faad6554c_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:a56b0d2625c0c74330619e1ad9c3eb9ffb950e7e159f1f30d1d13662174442bb_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-proxyv2-rhel9@sha256:f45f7a1ddd1359010cc6dae2c03ce5ca9674c17c313470acb13094bf41bc19e9_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:31ca725cb3bae79e207987ced13f766439568ddddf856c88801405d61ba51b36_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:3ba40d26d74d69dd664c0375ae3c170e738bf1943e9e3c550b3c969cbe1ff523_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:8ee83e270eb2a215aef80e6b72dac3d4417726e5f60f2f47d3fa1a0bffb12e4b_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-rhel9-operator@sha256:de3bf8bcab126df742192a3ed319aa595b3022c036391134ca4149ef711fa4f8_arm64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-sail-operator-bundle@sha256:7c721b3e96083fffbede7c3e313b9a2609dd620086d8c3a6c92faa06eb78306b_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:14069f839fc0ee972d8711f859af831f8ad268208dad8741f0397749982ccb4c_ppc64le",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:35692553d65a7d62c96969e109a2a987fb1ccbe863d1f74097a00816dce86e2f_s390x",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:58a3cb5bc211964eae0e1139ec77d8242d01d81565dc2fba3f164abc2a64a108_amd64",
"Red Hat OpenShift Service Mesh 3.3:registry.redhat.io/openshift-service-mesh/istio-ztunnel-rhel9@sha256:8705c16d6828a53bd799590ddceb685f3678c6779f121a5c916aa9ecf622baf7_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:9695
Vulnerability from csaf_redhat - Published: 2026-04-22 11:44 - Updated: 2026-07-03 00:52The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.TUS:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.8.0.Z.TUS:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rhc is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management.\n\nSecurity Fix(es):\n\n* net/url: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9695",
"url": "https://access.redhat.com/errata/RHSA-2026:9695"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9695.json"
}
],
"title": "Red Hat Security Advisory: rhc security update",
"tracking": {
"current_release_date": "2026-07-03T00:52:35+00:00",
"generator": {
"date": "2026-07-03T00:52:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9695",
"initial_release_date": "2026-04-22T11:44:28+00:00",
"revision_history": [
{
"date": "2026-04-22T11:44:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T11:44:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T00:52:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_tus:8.8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-1:0.2.2-1.el8_8.2.src",
"product": {
"name": "rhc-1:0.2.2-1.el8_8.2.src",
"product_id": "rhc-1:0.2.2-1.el8_8.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.2-1.el8_8.2?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-1:0.2.2-1.el8_8.2.ppc64le",
"product": {
"name": "rhc-1:0.2.2-1.el8_8.2.ppc64le",
"product_id": "rhc-1:0.2.2-1.el8_8.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.2-1.el8_8.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"product": {
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"product_id": "rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debugsource@0.2.2-1.el8_8.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"product": {
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"product_id": "rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debuginfo@0.2.2-1.el8_8.2?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "rhc-1:0.2.2-1.el8_8.2.x86_64",
"product": {
"name": "rhc-1:0.2.2-1.el8_8.2.x86_64",
"product_id": "rhc-1:0.2.2-1.el8_8.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc@0.2.2-1.el8_8.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"product": {
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"product_id": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debugsource@0.2.2-1.el8_8.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"product": {
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"product_id": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rhc-debuginfo@0.2.2-1.el8_8.2?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.2-1.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.ppc64le"
},
"product_reference": "rhc-1:0.2.2-1.el8_8.2.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.2-1.el8_8.2.src as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.src"
},
"product_reference": "rhc-1:0.2.2-1.el8_8.2.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.2-1.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.x86_64"
},
"product_reference": "rhc-1:0.2.2-1.el8_8.2.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le"
},
"product_reference": "rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64"
},
"product_reference": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le"
},
"product_reference": "rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"product_id": "AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64"
},
"product_reference": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.2-1.el8_8.2.src as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.src"
},
"product_reference": "rhc-1:0.2.2-1.el8_8.2.src",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-1:0.2.2-1.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.x86_64"
},
"product_reference": "rhc-1:0.2.2-1.el8_8.2.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64"
},
"product_reference": "rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64 as a component of Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"product_id": "AppStream-8.8.0.Z.TUS:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64"
},
"product_reference": "rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"relates_to_product_reference": "AppStream-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T11:44:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9695"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.E4S:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.ppc64le",
"AppStream-8.8.0.Z.E4S:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.src",
"AppStream-8.8.0.Z.TUS:rhc-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debuginfo-1:0.2.2-1.el8_8.2.x86_64",
"AppStream-8.8.0.Z.TUS:rhc-debugsource-1:0.2.2-1.el8_8.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:9742
Vulnerability from csaf_redhat - Published: 2026-04-22 14:56 - Updated: 2026-07-03 00:52A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., "Content-Length" and "content-length"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a "decompression bomb," during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici's ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client's Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application's failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the flatted npm library. flatted's parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library's Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
Workaround
|
A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific "Gadget" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 | — | ||
| Unresolved product id: Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 | — |
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Developer Hub 1.8.6 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Developer Hub (RHDH) is Red Hat\u0027s enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pane of glass, a centralized software catalog, self-service via golden path templates, and Tech Docs. RHDH is extensible by plugins.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9742",
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-62718",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69534",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-69873",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1525",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1526",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1528",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-2229",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26996",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27601",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27904",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29063",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29074",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-29186",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-3118",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32141",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33036",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33228",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33891",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33894",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33895",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33896",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-39983",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-40175",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4800",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-4926",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh",
"url": "https://catalog.redhat.com/search?gs\u0026searchType=containers\u0026q=rhdh"
},
{
"category": "external",
"summary": "https://developers.redhat.com/rhdh/overview",
"url": "https://developers.redhat.com/rhdh/overview"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_developer_hub",
"url": "https://docs.redhat.com/en/documentation/red_hat_developer_hub"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2288",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2288"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2947",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2947"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHDHBUGS-2972",
"url": "https://issues.redhat.com/browse/RHDHBUGS-2972"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12327",
"url": "https://issues.redhat.com/browse/RHIDP-12327"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12388",
"url": "https://issues.redhat.com/browse/RHIDP-12388"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12419",
"url": "https://issues.redhat.com/browse/RHIDP-12419"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12511",
"url": "https://issues.redhat.com/browse/RHIDP-12511"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12568",
"url": "https://issues.redhat.com/browse/RHIDP-12568"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12647",
"url": "https://issues.redhat.com/browse/RHIDP-12647"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12650",
"url": "https://issues.redhat.com/browse/RHIDP-12650"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12655",
"url": "https://issues.redhat.com/browse/RHIDP-12655"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12666",
"url": "https://issues.redhat.com/browse/RHIDP-12666"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12686",
"url": "https://issues.redhat.com/browse/RHIDP-12686"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12784",
"url": "https://issues.redhat.com/browse/RHIDP-12784"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12880",
"url": "https://issues.redhat.com/browse/RHIDP-12880"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12887",
"url": "https://issues.redhat.com/browse/RHIDP-12887"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12921",
"url": "https://issues.redhat.com/browse/RHIDP-12921"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12930",
"url": "https://issues.redhat.com/browse/RHIDP-12930"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-12996",
"url": "https://issues.redhat.com/browse/RHIDP-12996"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13105",
"url": "https://issues.redhat.com/browse/RHIDP-13105"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13107",
"url": "https://issues.redhat.com/browse/RHIDP-13107"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13130",
"url": "https://issues.redhat.com/browse/RHIDP-13130"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13180",
"url": "https://issues.redhat.com/browse/RHIDP-13180"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13182",
"url": "https://issues.redhat.com/browse/RHIDP-13182"
},
{
"category": "external",
"summary": "https://issues.redhat.com/browse/RHIDP-13185",
"url": "https://issues.redhat.com/browse/RHIDP-13185"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9742.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Developer Hub 1.8.6 release.",
"tracking": {
"current_release_date": "2026-07-03T00:52:35+00:00",
"generator": {
"date": "2026-07-03T00:52:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9742",
"initial_release_date": "2026-04-22T14:56:38+00:00",
"revision_history": [
{
"date": "2026-04-22T14:56:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T14:56:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T00:52:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Developer Hub 1.8",
"product": {
"name": "Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhdh:1.8::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Developer Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-hub-rhel9@sha256%3Abb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776784286"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-rhel9-operator@sha256%3Af09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776783947"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product_id": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhdh-operator-bundle@sha256%3Ab40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331?arch=amd64\u0026repository_url=registry.redhat.io/rhdh\u0026tag=1776787729"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64 as a component of Red Hat Developer Hub 1.8",
"product_id": "Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
},
"product_reference": "registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64",
"relates_to_product_reference": "Red Hat Developer Hub 1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-62718",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-09T15:01:48.111177+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456913"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability occurs because Axios does not correctly handle hostname normalization when evaluating NO_PROXY rules. An attacker can exploit this by crafting requests to loopback addresses (e.g., localhost. or [::1]) which bypass the NO_PROXY configuration and are routed through the configured proxy. This can lead to Server-Side Request Forgery (SSRF) vulnerabilities, enabling attackers to access sensitive internal or loopback services that should otherwise be protected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has limited impact due to combination of non-default conditions to exploit: the attacker must be able to control or influence URLs passed to axios in a server-side context, the application must have both `HTTP_PROXY` and `NO_PROXY` configured, and the proxy itself must be positioned to act on the misdirected traffic or have been compromised by the attacker to intercept the rerouted traffic.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-62718"
},
{
"category": "external",
"summary": "RHBZ#2456913",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456913"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-62718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-62718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62718"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1",
"url": "https://datatracker.ietf.org/doc/html/rfc1034#section-3.1"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2",
"url": "https://datatracker.ietf.org/doc/html/rfc3986#section-3.2.2"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df",
"url": "https://github.com/axios/axios/commit/fb3befb6daac6cad26b2e54094d0f2d9e47f24df"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10661",
"url": "https://github.com/axios/axios/pull/10661"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5",
"url": "https://github.com/axios/axios/security/advisories/GHSA-3p68-rc4w-qgx5"
}
],
"release_date": "2026-04-09T14:31:46.067000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Server-Side Request Forgery and proxy bypass due to improper hostname normalization"
},
{
"cve": "CVE-2025-69534",
"cwe": {
"id": "CWE-617",
"name": "Reachable Assertion"
},
"discovery_date": "2026-03-05T16:01:10.432461+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444839"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive information via its stack trace.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "python-markdown: denial of service via malformed HTML-like sequences",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to supply a specially crafted payload to be processed by an application using Python-Markdown. Additionally, the security impact of this vulnerability is limited to an information disclosure via the unhandled exception stack trace and a denial of service. There is no memory corruption or arbitrary command execution. Due to these reasons, this issue has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69534"
},
{
"category": "external",
"summary": "RHBZ#2444839",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444839"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69534",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69534"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69534"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown",
"url": "https://github.com/Python-Markdown/markdown"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892",
"url": "https://github.com/Python-Markdown/markdown/actions/runs/15736122892"
},
{
"category": "external",
"summary": "https://github.com/Python-Markdown/markdown/issues/1534",
"url": "https://github.com/Python-Markdown/markdown/issues/1534"
}
],
"release_date": "2026-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, wrap your markdown parsing function in a try/except block. This catches the unhandled exception, preventing both the application crash and the stack trace leak.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "python-markdown: denial of service via malformed HTML-like sequences"
},
{
"cve": "CVE-2025-69873",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-11T19:01:32.953264+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2439070"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ajv. When the $data option is enabled, the value of the pattern keyword is passed directly to the JavaScript RegExp() constructor without sufficient validation. An attacker able to supply a malicious regular expression pattern can trigger a ReDoS (Regular Expression Denial of Service), causing the application to become unresponsive and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ajv: ReDoS via $data reference",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, the $data option must be enabled and the attacker needs to be able to send a payload with a specially crafted regular expression to the application processing the input. A 31-character payload causes approximately 44 seconds of execution, with each additional character doubling the execution time. Therefore, even a small payload can cause an application to become unresponsive and eventually result in a denial of service. Due to this reason, this flaw has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-69873"
},
{
"category": "external",
"summary": "RHBZ#2439070",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439070"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-69873",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-69873"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-69873"
},
{
"category": "external",
"summary": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md",
"url": "https://github.com/EthanKim88/ethan-cve-disclosures/blob/main/CVE-2025-69873-ajv-ReDoS.md"
}
],
"release_date": "2026-02-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, disable the $data feature if your application does not require it. If $data must be used, implement strict validation of the input fields that are referenced by the pattern keyword to ensure they contain only expected and safe characters.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "ajv: ReDoS via $data reference"
},
{
"cve": "CVE-2026-1525",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2026-03-12T21:01:33.639277+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447144"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici, a Node.js HTTP/1.1 client. A remote attacker could exploit this vulnerability by sending HTTP/1.1 requests that include duplicate Content-Length headers with different casing (e.g., \"Content-Length\" and \"content-length\"). This can lead to HTTP Request Smuggling, a technique where an attacker sends an ambiguous request that is interpreted differently by a proxy and a backend server. Successful exploitation could result in unauthorized access, cache poisoning, or credential hijacking. It may also cause a Denial of Service (DoS) if strict HTTP parsers reject the malformed requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Moderate impact. A flaw in the undici Node.js HTTP/1.1 client allows for HTTP Request Smuggling or Denial of Service. This can occur in Red Hat products that use undici and process HTTP requests where user-controlled header names are not case-normalized, or headers are passed as flat arrays.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1525"
},
{
"category": "external",
"summary": "RHBZ#2447144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1525"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://cwe.mitre.org/data/definitions/444.html",
"url": "https://cwe.mitre.org/data/definitions/444.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-2mjp-6q6p-2qxm"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3556037",
"url": "https://hackerone.com/reports/3556037"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6",
"url": "https://www.rfc-editor.org/rfc/rfc9110.html#section-8.6"
}
],
"release_date": "2026-03-12T19:56:55.092000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undici: Undici: HTTP Request Smuggling and Denial of Service due to duplicate Content-Length headers"
},
{
"cve": "CVE-2026-1526",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T21:01:25.538271+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447142"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker can exploit this vulnerability by sending a specially crafted compressed frame, known as a \"decompression bomb,\" during permessage-deflate decompression. The undici WebSocket client does not properly limit the size of decompressed data, leading to unbounded memory consumption. This can cause the Node.js process to exhaust available memory, resulting in a denial of service (DoS) where the process crashes or becomes unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1526"
},
{
"category": "external",
"summary": "RHBZ#2447142",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447142"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1526",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1526"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1526"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3481206",
"url": "https://hackerone.com/reports/3481206"
}
],
"release_date": "2026-03-12T20:08:05.950000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via unbounded memory consumption during WebSocket permessage-deflate decompression"
},
{
"cve": "CVE-2026-1528",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:36.954017+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447145"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in undici. A remote attacker could exploit this vulnerability by sending a specially crafted WebSocket frame with an extremely large 64-bit length. This causes undici\u0027s ByteParser to overflow its internal calculations, leading to an invalid state and a fatal TypeError. The primary consequence is a Denial of Service (DoS), which terminates the process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: undici: Denial of Service via crafted WebSocket frame with large length",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1528"
},
{
"category": "external",
"summary": "RHBZ#2447145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1528"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1528"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-f269-vfmq-vjvj"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3537648",
"url": "https://hackerone.com/reports/3537648"
}
],
"release_date": "2026-03-12T20:21:57.775000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: undici: Denial of Service via crafted WebSocket frame with large length"
},
{
"cve": "CVE-2026-2229",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2026-03-12T21:01:29.187989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447143"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the undici WebSocket client. A remote malicious server can exploit this vulnerability by sending a WebSocket frame with an invalid `server_max_window_bits` parameter within the permessage-deflate extension. This improper validation causes the client\u0027s Node.js process to terminate, leading to a denial-of-service (DoS) condition for the client.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-2229"
},
{
"category": "external",
"summary": "RHBZ#2447143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-2229",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-2229"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2229"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc7692",
"url": "https://datatracker.ietf.org/doc/html/rfc7692"
},
{
"category": "external",
"summary": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8",
"url": "https://github.com/nodejs/undici/security/advisories/GHSA-v9p9-hfj2-hcw8"
},
{
"category": "external",
"summary": "https://hackerone.com/reports/3487486",
"url": "https://hackerone.com/reports/3487486"
},
{
"category": "external",
"summary": "https://nodejs.org/api/zlib.html#class-zlibinflateraw",
"url": "https://nodejs.org/api/zlib.html#class-zlibinflateraw"
}
],
"release_date": "2026-03-12T20:27:05.600000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "undici: Undici: Denial of Service via invalid WebSocket permessage-deflate extension parameter"
},
{
"acknowledgments": [
{
"names": [
"Thibault Guittet"
]
}
],
"cve": "CVE-2026-3118",
"cwe": {
"id": "CWE-89",
"name": "Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)"
},
"discovery_date": "2026-02-24T12:08:42.955000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442273"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was identified in the Orchestrator Plugin of Red Hat Developer Hub (Backstage). The issue occurs due to insufficient input validation in GraphQL query handling. An authenticated user can inject specially crafted input into API requests, which disrupts backend query processing. This results in the entire Backstage application crashing and restarting, leading to a platform-wide Denial of Service (DoS). As a result, legitimate users temporarily lose access to the platform.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This MODERATE impact vulnerability in the Orchestrator Plugin of Red Hat Developer Hub (Backstage) allows an authenticated attacker to cause a platform-wide Denial of Service. By injecting specially crafted input into GraphQL API requests, an attacker can disrupt backend query processing, leading to the application crashing and restarting. This issue temporarily prevents legitimate users from accessing the platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-3118"
},
{
"category": "external",
"summary": "RHBZ#2442273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-3118",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3118"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-3118"
}
],
"release_date": "2026-02-24T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, restrict network access to the Red Hat Developer Hub instance to trusted users and networks only. This limits the exposure of the vulnerable Orchestrator Plugin to unauthorized access.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rhdh: GraphQL Injection Leading to Platform-Wide Denial of Service (DoS) in RH Developer Hub Orchestrator Plugin"
},
{
"cve": "CVE-2026-4800",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2026-03-31T20:01:21.918257+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2453496"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in lodash. The fix for CVE-2021-23337 added validation for the variable option in _.template but did not apply the same validation to options.imports key names. Both paths flow into the same Function() constructor sink. Additionally, _.template uses assignInWith to merge imports, which enumerates inherited properties via for..in. If Object.prototype has been polluted by any other vector, the polluted keys are copied into the imports object and passed to Function().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "lodash: lodash: Arbitrary code execution via untrusted input in template imports",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "In the context of Red Hat Enterprise Linux, the grafana and grafana-pcp packages execute the affected JavaScript entirely client-side within the user\u0027s browser. Consequently, the attack surface is strictly restricted to the local browser environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4800"
},
{
"category": "external",
"summary": "RHBZ#2453496",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453496"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4800",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4800"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm",
"url": "https://github.com/advisories/GHSA-35jh-r3h4-6jhm"
},
{
"category": "external",
"summary": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c",
"url": "https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"
}
],
"release_date": "2026-03-31T19:25:55.987000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "lodash: lodash: Arbitrary code execution via untrusted input in template imports"
},
{
"cve": "CVE-2026-4926",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-03-26T20:03:28.427630+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451867"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp. A remote attacker could exploit this vulnerability by providing specially crafted input that generates a regular expression with multiple sequential optional groups. This leads to an exponential growth in the generated regular expression, causing a Denial of Service (DoS) due to excessive resource consumption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important flaw in `path-to-regexp` that can lead to a Denial of Service. The vulnerability occurs when specially crafted input containing multiple sequential optional groups is used to generate regular expressions, causing exponential resource consumption.\n\nThe Red Hat Advanced Cluster Security is not affected by this issue since it\u0027s shipping a `path-to-regexp` version which doesn\u0027t contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-4926"
},
{
"category": "external",
"summary": "RHBZ#2451867",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451867"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-4926"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4926"
},
{
"category": "external",
"summary": "https://cna.openjsf.org/security-advisories.html",
"url": "https://cna.openjsf.org/security-advisories.html"
}
],
"release_date": "2026-03-26T18:59:38+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, limit the use of multiple sequential optional groups in route patterns within applications that use `path-to-regexp`. Additionally, avoid directly passing user-controlled input as route patterns to prevent the generation of maliciously crafted regular expressions.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "path-to-regexp: path-to-regexp: Denial of Service via crafted regular expressions"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26996",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-20T04:01:11.896063+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2441268"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this Regular Expression Denial of Service (ReDoS) vulnerability by providing a specially crafted glob pattern. This pattern, containing numerous consecutive wildcard characters, causes excessive processing and exponential backtracking in the regular expression engine. Successful exploitation leads to a Denial of Service (DoS), making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: minimatch: Denial of Service via specially crafted glob patterns",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26996"
},
{
"category": "external",
"summary": "RHBZ#2441268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2441268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26996",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26996"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26996"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5",
"url": "https://github.com/isaacs/minimatch/commit/2e111f3a79abc00fa73110195de2c0f2351904f5"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-3ppc-4f35-3m26"
}
],
"release_date": "2026-02-20T03:05:21.105000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: minimatch: Denial of Service via specially crafted glob patterns"
},
{
"cve": "CVE-2026-27601",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-03T23:01:58.011378+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2444247"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Underscore.js, a JavaScript utility library. This vulnerability allows a remote attacker to trigger a Denial of Service (DoS) attack by providing specially crafted recursive data structures. When these structures are processed by the _.flatten or _.isEqual functions, which lack a depth limit for recursion, a stack overflow occurs. This can make the application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27601"
},
{
"category": "external",
"summary": "RHBZ#2444247",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444247"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27601",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27601"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27601"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4",
"url": "https://github.com/jashkenas/underscore/commit/411e222eb0ca5d570cc4f6315c02c05b830ed2b4"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84",
"url": "https://github.com/jashkenas/underscore/commit/a6e23ae9647461ec33ad9f92a2ecfc220eea0a84"
},
{
"category": "external",
"summary": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw",
"url": "https://github.com/jashkenas/underscore/security/advisories/GHSA-qpx9-hpmf-5gmw"
}
],
"release_date": "2026-03-03T22:38:38.955000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing Underscore.js should ensure that any processing of untrusted, recursively structured data with `_.flatten` or `_.isEqual` explicitly enforces a finite depth limit. Review application code to identify and modify calls to these functions, adding appropriate depth parameters to prevent stack overflow conditions. Additionally, input validation should be implemented to sanitize untrusted data before it is processed by Underscore.js functions.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "Underscore.js: Underscore.js: Denial of Service via recursive data structures in flatten and isEqual functions"
},
{
"cve": "CVE-2026-27904",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2026-02-26T02:01:23.004531+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2442922"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this flaw requires that a user or service processes untrusted input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27904"
},
{
"category": "external",
"summary": "RHBZ#2442922",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442922"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27904",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27904"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27904"
},
{
"category": "external",
"summary": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74",
"url": "https://github.com/isaacs/minimatch/security/advisories/GHSA-23c5-xmqv-rm74"
}
],
"release_date": "2026-02-26T01:07:42.693000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions"
},
{
"cve": "CVE-2026-29063",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-06T19:00:57.982727+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445291"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Immutable.js, a library for persistent immutable data structures. This vulnerability, known as Prototype Pollution, allows an attacker with low privileges to inject unwanted properties into core JavaScript object prototypes without user interaction. By manipulating specific APIs such as mergeDeep(), mergeDeepWith(), merge(), Map.toJS(), and Map.toObject(), a remote attacker could potentially execute arbitrary code or cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Exploitation of this vulnerability requires that an attacker is able to provide arbitrary data to clients of this library in a way that calls the affected functions with data the attacker controls. In most deployments, the ability to provide data in this fashion requires that an attacker has some degree of privileges to access the affected applications.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29063"
},
{
"category": "external",
"summary": "RHBZ#2445291",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445291"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29063",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29063"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29063"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v3.8.3"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v4.3.8"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5",
"url": "https://github.com/immutable-js/immutable-js/releases/tag/v5.1.5"
},
{
"category": "external",
"summary": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw",
"url": "https://github.com/immutable-js/immutable-js/security/advisories/GHSA-wf6x-7x77-mvgw"
}
],
"release_date": "2026-03-06T18:25:22.438000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution"
},
{
"cve": "CVE-2026-29074",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445132"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SVGO, an SVG (Scalable Vector Graphics) Optimizer. This vulnerability allows a remote attacker to cause a Denial of Service (DoS) by submitting a specially crafted XML file. The application\u0027s failure to properly guard against XML entity expansion or recursion can lead to the Node.js process consuming excessive memory and crashing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "svgo: SVGO: Denial of Service via XML entity expansion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29074"
},
{
"category": "external",
"summary": "RHBZ#2445132",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445132"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29074"
},
{
"category": "external",
"summary": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673",
"url": "https://github.com/svg/svgo/security/advisories/GHSA-xpqw-6gx7-v673"
}
],
"release_date": "2026-03-06T07:23:05.716000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "svgo: SVGO: Denial of Service via XML entity expansion"
},
{
"cve": "CVE-2026-29186",
"cwe": {
"id": "CWE-791",
"name": "Incomplete Filtering of Special Elements"
},
"discovery_date": "2026-03-07T16:01:40.949207+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445480"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Backstage. The backstage/plugin-techdocs-node package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an mkdocs.yml file that causes arbitrary Python code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs commit access to a repository that Backstage is configured to track and build in order to introduce a malicious mkdocs.yml file into the TechDocs build pipeline. Additionally, an attacker can execute arbitrary Python code but the payload is confined by the permissions granted to the TechDocs build process which is typically a restricted service account, limiting the impact of this vulnerability. Due to these reasons, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-29186"
},
{
"category": "external",
"summary": "RHBZ#2445480",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445480"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-29186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-29186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-29186"
},
{
"category": "external",
"summary": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw",
"url": "https://github.com/backstage/backstage/security/advisories/GHSA-928r-fm4v-mvrw"
}
],
"release_date": "2026-03-07T15:03:51.422000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "To mitigate this issue, enable docker isolation by updating the Backstage configuration to use \u0027runIn: docker\u0027 instead of \u0027runIn: local\u0027, confining the arbitrary Python code execution to a containerized environment. Additionally, limit commit access to repositories tracked by Backstage to trusted contributors only, and enforce mandatory pull request (PR) reviews for any modifications made to the mkdocs.yml file.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "backstage/plugin-techdocs-node: TechDocs Mkdocs configuration key enables arbitrary code execution"
},
{
"cve": "CVE-2026-32141",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-03-12T19:01:30.987208+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2447083"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the flatted npm library. flatted\u0027s parse() function uses a recursive revive() phase to resolve circular references in deserialized JSON. When given a crafted payload with deeply nested or self-referential $ indices, the recursion depth is unbounded, causing a stack overflow that crashes the Node.js process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: flatted: Unbounded recursion DoS in parse() revive phase",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32141"
},
{
"category": "external",
"summary": "RHBZ#2447083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32141"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32141"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606",
"url": "https://github.com/WebReflection/flatted/commit/7eb65d857e1a40de11c47461cdbc8541449f0606"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/pull/88",
"url": "https://github.com/WebReflection/flatted/pull/88"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-25h7-pfq9-p65f"
}
],
"release_date": "2026-03-12T18:08:09.634000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "flatted: flatted: Unbounded recursion DoS in parse() revive phase"
},
{
"cve": "CVE-2026-33036",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2026-03-20T06:02:18.306021+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in fast-xml-parser. A remote attacker can exploit this vulnerability by supplying specially crafted XML input containing numeric character references or standard XML entities. This input can bypass configured entity expansion limits, leading to excessive memory allocation and high CPU usage. The primary consequence is a Denial of Service (DoS), which can crash the affected process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33036"
},
{
"category": "external",
"summary": "RHBZ#2449458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33036"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33036"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/commit/bd26122c838e6a55e7d7ac49b4ccc01a49999a01"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/releases/tag/v5.5.6"
},
{
"category": "external",
"summary": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r",
"url": "https://github.com/NaturalIntelligence/fast-xml-parser/security/advisories/GHSA-8gc5-j5rx-235r"
}
],
"release_date": "2026-03-20T05:17:03.290000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "fast-xml-parser: fast-xml-parser: Denial of Service via XML entity expansion bypass"
},
{
"cve": "CVE-2026-33228",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-03-21T00:01:43.424803+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in flatted, a JavaScript Object Notation (JSON) parser designed for handling circular data structures. A remote attacker can exploit this vulnerability by providing specially crafted JSON input. The parse() function in flatted fails to properly validate string values used as array index keys, allowing an attacker to manipulate internal JavaScript object prototypes. This prototype pollution can enable an attacker to execute arbitrary code or cause a denial of service, impacting the availability and integrity of affected systems.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A Critical vulnerability was discovered in \u0027flatted\u0027, a JavaScript JSON parser. It could enable a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service. Exploitation involves prototype pollution by providing a specially crafted JSON input. Red Hat products that process un-trusted JSON data and utilize the \u0027flatted\u0027 library are at risk if they do not properly sanitize input.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33228"
},
{
"category": "external",
"summary": "RHBZ#2449872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33228",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33228"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33228"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802",
"url": "https://github.com/WebReflection/flatted/commit/885ddcc33cf9657caf38c57c7be45ae1c5272802"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2",
"url": "https://github.com/WebReflection/flatted/releases/tag/v3.4.2"
},
{
"category": "external",
"summary": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh",
"url": "https://github.com/WebReflection/flatted/security/advisories/GHSA-rf6f-7fwh-wjgh"
}
],
"release_date": "2026-03-20T23:06:48.485000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "flatted: Flatted: Prototype pollution vulnerability allows arbitrary code execution via crafted JSON."
},
{
"cve": "CVE-2026-33891",
"cwe": {
"id": "CWE-606",
"name": "Unchecked Input for Loop Condition"
},
"discovery_date": "2026-03-27T21:01:34.410210+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452450"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the node-forge library, a JavaScript implementation of Transport Layer Security. This vulnerability, inherited from the bundled jsbn library, allows a remote attacker to cause a Denial of Service (DoS). When the BigInteger.modInverse() function is called with a zero value, it enters an infinite loop, causing the process to hang indefinitely and consume 100% of the CPU resources.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33891"
},
{
"category": "external",
"summary": "RHBZ#2452450",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452450"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33891",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33891"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33891"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023",
"url": "https://github.com/digitalbazaar/forge/commit/9bb8d67b99d17e4ebb5fd7596cd699e11f25d023"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5m6q-g25r-mvwx"
}
],
"release_date": "2026-03-27T20:43:37.725000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Denial of Service via infinite loop in BigInteger.modInverse()"
},
{
"cve": "CVE-2026-33894",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:52.462999+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452464"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript implementation of Transport Layer Security. A remote attacker could exploit weaknesses in the RSASSA PKCS#1 v1.5 signature verification process. By crafting malicious signatures that include extra data within the ASN structure and do not meet padding requirements, an attacker can bypass signature validation. This allows for the creation of forged signatures that appear legitimate, potentially compromising the integrity and authenticity of communications.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33894"
},
{
"category": "external",
"summary": "RHBZ#2452464",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452464"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33894"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc2313#section-8",
"url": "https://datatracker.ietf.org/doc/html/rfc2313#section-8"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-ppp5-5v6c-4jwp"
},
{
"category": "external",
"summary": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE",
"url": "https://mailarchive.ietf.org/arch/msg/openpgp/5rnE9ZRN1AokBVj3VqblGlP63QE"
},
{
"category": "external",
"summary": "https://www.rfc-editor.org/rfc/rfc8017.html",
"url": "https://www.rfc-editor.org/rfc/rfc8017.html"
}
],
"release_date": "2026-03-27T20:45:49.583000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Signature Forgery via Weak RSASSA PKCS#1 v1.5 Verification"
},
{
"cve": "CVE-2026-33895",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2026-03-27T21:02:18.484291+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452457"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also called `node-forge`), a JavaScript library used for Transport Layer Security (TLS). The library\u0027s Ed25519 signature verification process does not correctly validate cryptographic signatures, allowing forged non-canonical signatures to be accepted. A remote attacker could exploit this signature malleability to bypass authentication and authorization logic. This vulnerability can also circumvent security checks in applications that rely on the uniqueness of cryptographic signatures for functions such as deduplication or preventing replay attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33895"
},
{
"category": "external",
"summary": "RHBZ#2452457",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452457"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33895",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33895"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33895"
},
{
"category": "external",
"summary": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4",
"url": "https://datatracker.ietf.org/doc/html/rfc8032#section-8.4"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85",
"url": "https://github.com/digitalbazaar/forge/commit/bdecf11571c9f1a487cc0fe72fe78ff6dfa96b85"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-q67f-28xg-22rw"
}
],
"release_date": "2026-03-27T20:47:54.492000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge: Authentication bypass via forged Ed25519 cryptographic signatures"
},
{
"cve": "CVE-2026-33896",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-27T21:02:22.762233+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2452458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Forge (also known as node-forge), a JavaScript implementation of Transport Layer Security (TLS). The `pki.verifyCertificateChain()` function does not properly enforce certificate validation rules. This oversight allows an intermediate certificate that lacks specific security extensions to enable any leaf certificate to function as a Certificate Authority (CA) and sign other certificates. Consequently, node-forge could accept these unauthorized certificates as valid, potentially leading to spoofing or the issuance of illegitimate certificates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33896"
},
{
"category": "external",
"summary": "RHBZ#2452458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33896",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33896"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33896"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90",
"url": "https://github.com/digitalbazaar/forge/commit/2e492832fb25227e6b647cbe1ac981c123171e90"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-2328-f5f3-gj25"
}
],
"release_date": "2026-03-27T20:50:03.418000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Forge (node-forge): Certificate validation bypass allows unauthorized certificate issuance"
},
{
"cve": "CVE-2026-39983",
"cwe": {
"id": "CWE-93",
"name": "Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)"
},
"discovery_date": "2026-04-09T18:02:16.209487+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456971"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in basic-ftp, an FTP client for Node.js. A remote attacker can exploit this vulnerability by injecting Carriage Return Line Feed (CRLF) sequences into file path parameters used by high-level APIs. This allows the attacker to split a single intended FTP command into multiple commands. Such command injection can lead to the execution of arbitrary commands, potentially compromising the integrity and availability of data or the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-39983"
},
{
"category": "external",
"summary": "RHBZ#2456971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-39983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-39983"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39983"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b",
"url": "https://github.com/patrickjuchli/basic-ftp/commit/2ecc8e2c500c5234115f06fd1dbde1aa03d70f4b"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1",
"url": "https://github.com/patrickjuchli/basic-ftp/releases/tag/v5.2.1"
},
{
"category": "external",
"summary": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q",
"url": "https://github.com/patrickjuchli/basic-ftp/security/advisories/GHSA-chqc-8p9q-pq6q"
}
],
"release_date": "2026-04-09T17:05:46.228000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "basic-ftp: basic-ftp: Command injection via CRLF sequences in file path parameters"
},
{
"cve": "CVE-2026-40175",
"cwe": {
"id": "CWE-915",
"name": "Improperly Controlled Modification of Dynamically-Determined Object Attributes"
},
"discovery_date": "2026-04-10T20:02:10.296601+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2457432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Axios, a promise-based HTTP client. This vulnerability, known as Prototype Pollution, can be exploited through a specific \"Gadget\" attack chain. This allows an attacker to escalate a Prototype Pollution vulnerability in a third-party dependency, potentially leading to remote code execution or a full cloud compromise, such as bypassing AWS IMDSv2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: Axios: Remote Code Execution via Prototype Pollution escalation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Axios library, a promise-based HTTP client, is susceptible to an Important prototype pollution vulnerability. This flaw, when combined with specific \"Gadget\" attack chains in third-party dependencies, can lead to remote code execution or full cloud compromise, including bypassing AWS IMDSv2.\n \nWith pollution check patch available in Axios gives an advantage, it remains vulnerable due to HTTP Header Sanitation and Server-Side Request Forgery threat.\n\nRed Hat products that incorporate the vulnerable Axios library are affected.\n\nThe openshift4/ose-monitoring-plugin-rhel9 container image is not vulnerable to this flaw. The affected component is used as a build-time dependency but it\u0027s not shipped in the final product, meaning the flaw is not present thus cannot be exploited in the container deployments.\n\nRegarding openshift4/ose-console for Product stream 4.12 and 4.13, the vulnerable component is present (indirect dependency), but the vulnerability is not exploitable in our case due to the browser runtime, where the required Node.js-specific attack vectors are not available. With this, the impact becomes low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"known_not_affected": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-40175"
},
{
"category": "external",
"summary": "RHBZ#2457432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-40175",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-40175"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40175"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1",
"url": "https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/pull/10660",
"url": "https://github.com/axios/axios/pull/10660"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases/tag/v1.15.0",
"url": "https://github.com/axios/axios/releases/tag/v1.15.0"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx",
"url": "https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx"
}
],
"release_date": "2026-04-10T19:23:52.285000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T14:56:38+00:00",
"details": "For more about Red Hat Developer Hub, see References links",
"product_ids": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9742"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.0,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-hub-rhel9@sha256:bb763e2b7a9d101f73b03b9e1c5688e7034fd9d31413e890817bd4098a7d42f9_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-operator-bundle@sha256:b40f228ed49b81e675763d0bb1e38e7a45c45eef8003237abfbddbfb952bb331_amd64",
"Red Hat Developer Hub 1.8:registry.redhat.io/rhdh/rhdh-rhel9-operator@sha256:f09d63af77eec6b131067a08b1bd3a8c7673f9e68325bfde1ae081f85d73598c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: Axios: Remote Code Execution via Prototype Pollution escalation"
}
]
}
RHSA-2026:9872
Vulnerability from csaf_redhat - Published: 2026-04-22 21:03 - Updated: 2026-07-03 06:29The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x | — |
Workaround
|
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x | — |
Workaround
|
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64 | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x | — |
Workaround
|
|
| Unresolved product id: DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "DevWorkspace Operator 0.40.1 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "The DevWorkspace Operator extends OpenShift to provide DevWorkspace support.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:9872",
"url": "https://access.redhat.com/errata/RHSA-2026:9872"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-27137",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://redhat.atlassian.net/browse/CRW-10592",
"url": "https://redhat.atlassian.net/browse/CRW-10592"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_9872.json"
}
],
"title": "Red Hat Security Advisory: DevWorkspace Operator 0.40.1 release.",
"tracking": {
"current_release_date": "2026-07-03T06:29:47+00:00",
"generator": {
"date": "2026-07-03T06:29:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:9872",
"initial_release_date": "2026-04-22T21:03:38+00:00",
"revision_history": [
{
"date": "2026-04-22T21:03:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-04-22T21:03:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-03T06:29:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "DevWorkspace Operator 0.4",
"product": {
"name": "DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:devworkspace:0.40::el9"
}
}
}
],
"category": "product_family",
"name": "DevWorkspace Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457293"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-operator-bundle@sha256%3A991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776559999"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776462971"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750?arch=amd64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457327"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457293"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776462971"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3Ae14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34?arch=s390x\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457327"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3A7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457293"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776462971"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d?arch=ppc64le\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457327"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-rhel9-operator@sha256%3Aa55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457293"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-backup-rhel9@sha256%3A9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776462971"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"product": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"product_id": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devworkspace-project-clone-rhel9@sha256%3A053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596?arch=arm64\u0026repository_url=registry.redhat.io/devworkspace\u0026tag=1776457327"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64 as a component of DevWorkspace Operator 0.4",
"product_id": "DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
},
"product_reference": "registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64",
"relates_to_product_reference": "DevWorkspace Operator 0.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T21:03:38+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9872"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T21:03:38+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9872"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
],
"known_not_affected": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-04-22T21:03:38+00:00",
"details": "To start using the DevWorkspace Operator, install the DevWorkspace Operator from OpenShift OperatorHub on OpenShift Container Platform 4.16 or higher.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:9872"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-operator-bundle@sha256:991f3f31d41dc78e4aede374e9d6eaf82016da4528c3481af9936b4ab5ed30ca_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:0131e2bce3611a145b67ead5e4e0c0bb4206a996211510daffe7f0eeef42992b_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:798b5bfebc9c5423a116c80732fa5e1dd01dc0b99795387bc81b95c98ffc42a6_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:992b3afbd4630383951536fad36590328f5f4dd1ac438b24860e307bb21f6962_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-backup-rhel9@sha256:9fe2f1443f73cc296a9f50aba782c5b6aabae4a2adbba754f4346a395bd8bc09_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:03e66dbde56c09f627bc5eb60ebfd5127a43d313dff99e75e37039de8ab9430d_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:053d1f1ba2f47f45379e4630d3cdcb734915e538f2500477108e2fb9f28b0596_arm64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:105988d31561736be604af59fa46b7b73003609546cf9b8bf5af97112c4dc750_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9@sha256:e14baa9938a2ce79f2f977e70c6a706620e7eb652191269b628f6164f4120f34_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:7033e308ba08300838ce7b507434d3e2bed97e0b8919409079b5c9705cbf06e8_ppc64le",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:78b5652108b78dc1b8b3e5bd10026ec02954c41a73c59857ef8a75b2a59d3eca_s390x",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:9b0eea627cc3a2531a517df168818f40c92ebbf0a22ab56a22396600a2e59d04_amd64",
"DevWorkspace Operator 0.4:registry.redhat.io/devworkspace/devworkspace-rhel9-operator@sha256:a55f5c74e35c5fe7dbab7b6e1cd6ea824606ed8d198e903dad264baab40008e2_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
}
]
}
SUSE-SU-2026:0875-1
Vulnerability from csaf_suse - Published: 2026-03-11 18:34 - Updated: 2026-03-11 18:34| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.25",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.25 fixes the following issues:\n\nUpdate to go1.25.8 (bsc#1244485):\n\n- CVE-2026-25679: net/url: reject IPv6 literal not at start of host (bsc#1259264).\n- CVE-2026-27139: os: FileInfo can escape from a Root (bsc#1259268).\n- CVE-2026-27142: html/template: URLs in meta content attribute actions are not escaped (bsc#1259265).\n\nChangelog:\n \n* go#77253 cmd/compile: miscompile of global array initialization\n* go#77406 os: Go 1.25.x regression on RemoveAll for windows\n* go#77413 runtime: netpollinit() incorrectly prints the error from linux.Eventfd\n* go#77438 cmd/go: CGO compilation fails after upgrading from Go 1.25.5 to 1.25.6 due to --define-variable flag in \n pkg-config\n* go#77531 net/smtp: expiry date of localhostCert for testing is too short\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-875,SUSE-SLE-Module-Development-Tools-15-SP7-2026-875,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-875,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-875,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-875,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-875,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-875,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-875,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-875,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-875,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-875,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-875,openSUSE-SLE-15.6-2026-875",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0875-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0875-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260875-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0875-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024674.html"
},
{
"category": "self",
"summary": "SUSE Bug 1244485",
"url": "https://bugzilla.suse.com/1244485"
},
{
"category": "self",
"summary": "SUSE Bug 1259264",
"url": "https://bugzilla.suse.com/1259264"
},
{
"category": "self",
"summary": "SUSE Bug 1259265",
"url": "https://bugzilla.suse.com/1259265"
},
{
"category": "self",
"summary": "SUSE Bug 1259268",
"url": "https://bugzilla.suse.com/1259268"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25679 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27139 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27142 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27142/"
}
],
"title": "Security update for go1.25",
"tracking": {
"current_release_date": "2026-03-11T18:34:13Z",
"generator": {
"date": "2026-03-11T18:34:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0875-1",
"initial_release_date": "2026-03-11T18:34:13Z",
"revision_history": [
{
"date": "2026-03-11T18:34:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.8-150000.1.32.1.aarch64",
"product": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64",
"product_id": "go1.25-1.25.8-150000.1.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"product": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"product_id": "go1.25-doc-1.25.8-150000.1.32.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"product": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"product_id": "go1.25-race-1.25.8-150000.1.32.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.8-150000.1.32.1.i586",
"product": {
"name": "go1.25-1.25.8-150000.1.32.1.i586",
"product_id": "go1.25-1.25.8-150000.1.32.1.i586"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.8-150000.1.32.1.i586",
"product": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.i586",
"product_id": "go1.25-doc-1.25.8-150000.1.32.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"product": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"product_id": "go1.25-1.25.8-150000.1.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"product": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"product_id": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"product": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"product_id": "go1.25-race-1.25.8-150000.1.32.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.8-150000.1.32.1.s390x",
"product": {
"name": "go1.25-1.25.8-150000.1.32.1.s390x",
"product_id": "go1.25-1.25.8-150000.1.32.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"product": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"product_id": "go1.25-doc-1.25.8-150000.1.32.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"product": {
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"product_id": "go1.25-race-1.25.8-150000.1.32.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.25-1.25.8-150000.1.32.1.x86_64",
"product": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64",
"product_id": "go1.25-1.25.8-150000.1.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"product": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"product_id": "go1.25-doc-1.25.8-150000.1.32.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"product": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"product_id": "go1.25-race-1.25.8-150000.1.32.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-1.25.8-150000.1.32.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-doc-1.25.8-150000.1.32.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.25-race-1.25.8-150000.1.32.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
},
"product_reference": "go1.25-race-1.25.8-150000.1.32.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25679"
}
],
"notes": [
{
"category": "general",
"text": "url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25679",
"url": "https://www.suse.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "SUSE Bug 1259264 for CVE-2026-25679",
"url": "https://bugzilla.suse.com/1259264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:34:13Z",
"details": "moderate"
}
],
"title": "CVE-2026-25679"
},
{
"cve": "CVE-2026-27139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27139"
}
],
"notes": [
{
"category": "general",
"text": "On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27139",
"url": "https://www.suse.com/security/cve/CVE-2026-27139"
},
{
"category": "external",
"summary": "SUSE Bug 1259268 for CVE-2026-27139",
"url": "https://bugzilla.suse.com/1259268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:34:13Z",
"details": "moderate"
}
],
"title": "CVE-2026-27139"
},
{
"cve": "CVE-2026-27142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27142"
}
],
"notes": [
{
"category": "general",
"text": "Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value \"refresh\". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow \"url=\" by setting htmlmetacontenturlescape=0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27142",
"url": "https://www.suse.com/security/cve/CVE-2026-27142"
},
{
"category": "external",
"summary": "SUSE Bug 1259265 for CVE-2026-27142",
"url": "https://bugzilla.suse.com/1259265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.25-race-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-doc-1.25.8-150000.1.32.1.x86_64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.aarch64",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.ppc64le",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.s390x",
"openSUSE Leap 15.6:go1.25-race-1.25.8-150000.1.32.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:34:13Z",
"details": "moderate"
}
],
"title": "CVE-2026-27142"
}
]
}
SUSE-SU-2026:0876-1
Vulnerability from csaf_suse - Published: 2026-03-11 18:35 - Updated: 2026-03-11 18:35| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64 | — |
Vendor Fix
|
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.26",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.26 fixes the following issues:\n\nUpdate to go1.26.1 (bsc#1255111):\n\n- CVE-2026-25679: net/url: reject IPv6 literal not at start of host (bsc#1259264).\n- CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints (bsc#1259266).\n- CVE-2026-27138: crypto/x509: panic in name constraint checking for malformed certificates (bsc#1259267).\n- CVE-2026-27139: os: FileInfo can escape from a Root (bsc#1259268).\n- CVE-2026-27142: html/template: URLs in meta content attribute actions are not escaped (bsc#1259265).\n\nChangelog:\n\n* go#77252 cmd/compile: miscompile of global array initialization\n* go#77407 os: Go 1.25.x regression on RemoveAll for windows\n* go#77474 cmd/go: CGO compilation fails after upgrading from Go 1.25.5 to 1.25.6 due to --define-variable flag in \n pkg-config\n* go#77529 cmd/fix, x/tools/go/analysis/passes/modernize: stringscut: OOB panic in indexArgValid analyzing\n \u0027buf.Bytes()\u0027 call\n* go#77532 net/smtp: expiry date of localhostCert for testing is too short\n* go#77536 cmd/compile: internal compiler error: \u0027main.func1\u0027: not lowered: v15, Load STRUCT PTR SSA\n* go#77618 strings: HasSuffix doesn\u0027t work correctly for multibyte runes in go 1.26\n* go#77623 cmd/compile: internal compiler error on : \u0027tried to free an already free register\u0027 with generic function\n and type \u003e= 192 bytes\n* go#77624 cmd/fix, x/tools/go/analysis/passes/modernize: stringsbuilder breaks code when combining two \n strings.Builders\n* go#77680 cmd/link: TestFlagW/-w_-linkmode=external fails on illumos\n* go#77766 cmd/fix,x/tools/go/analysis/passes/modernize: rangeint uses target platform\u0027s type in the range expression,\n breaking other platforms\n* go#77780 reflect: breaking change for reflect.Value.Interface behaviour\n* go#77786 cmd/compile: rewriteFixedLoad does not properly sign extend AuxInt\n* go#77803 cmd/fix,x/tools/go/analysis/passes/modernize: reflect.TypeOf(nil) transformed into \n reflect.TypeFor[untyped nil]()\n* go#77804 cmd/fix,x/tools/go/analysis/passes/modernize: minmax breaks select statements\n* go#77805 cmd/fix, x/tools/go/analysis/passes/modernize: waitgroup leads to a compilation error\n* go#77807 cmd/fix,x/tools/go/analysis/passes/modernize: stringsbuilder ignores variables if they are used multiple\n times\n* go#77849 cmd/fix,x/tools/go/analysis/passes/modernize: stringscut rewrite changes behavior\n* go#77860 cmd/go: change go mod init default go directive back to 1.N\n* go#77899 cmd/fix, x/tools/go/analysis/passes/modernize: bad rangeint rewriting\n* go#77904 x/tools/go/analysis/passes/modernize: stringsbuilder breaks code when GenDecl is a block declaration\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-876,SUSE-SLE-Module-Development-Tools-15-SP7-2026-876,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-876,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-876,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-876,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-876,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-876,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-876,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-876,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-876,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-876,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-876,openSUSE-SLE-15.6-2026-876",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0876-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0876-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260876-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0876-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-March/024673.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255111",
"url": "https://bugzilla.suse.com/1255111"
},
{
"category": "self",
"summary": "SUSE Bug 1259264",
"url": "https://bugzilla.suse.com/1259264"
},
{
"category": "self",
"summary": "SUSE Bug 1259265",
"url": "https://bugzilla.suse.com/1259265"
},
{
"category": "self",
"summary": "SUSE Bug 1259266",
"url": "https://bugzilla.suse.com/1259266"
},
{
"category": "self",
"summary": "SUSE Bug 1259267",
"url": "https://bugzilla.suse.com/1259267"
},
{
"category": "self",
"summary": "SUSE Bug 1259268",
"url": "https://bugzilla.suse.com/1259268"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-25679 page",
"url": "https://www.suse.com/security/cve/CVE-2026-25679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27137 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27137/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27138 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27139 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27139/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-27142 page",
"url": "https://www.suse.com/security/cve/CVE-2026-27142/"
}
],
"title": "Security update for go1.26",
"tracking": {
"current_release_date": "2026-03-11T18:35:26Z",
"generator": {
"date": "2026-03-11T18:35:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0876-1",
"initial_release_date": "2026-03-11T18:35:26Z",
"revision_history": [
{
"date": "2026-03-11T18:35:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.1-150000.1.6.1.aarch64",
"product": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64",
"product_id": "go1.26-1.26.1-150000.1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"product": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"product_id": "go1.26-doc-1.26.1-150000.1.6.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"product": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"product_id": "go1.26-race-1.26.1-150000.1.6.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.1-150000.1.6.1.i586",
"product": {
"name": "go1.26-1.26.1-150000.1.6.1.i586",
"product_id": "go1.26-1.26.1-150000.1.6.1.i586"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.1-150000.1.6.1.i586",
"product": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.i586",
"product_id": "go1.26-doc-1.26.1-150000.1.6.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"product": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"product_id": "go1.26-1.26.1-150000.1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"product": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"product_id": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"product": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"product_id": "go1.26-race-1.26.1-150000.1.6.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.1-150000.1.6.1.s390x",
"product": {
"name": "go1.26-1.26.1-150000.1.6.1.s390x",
"product_id": "go1.26-1.26.1-150000.1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"product": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"product_id": "go1.26-doc-1.26.1-150000.1.6.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"product": {
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"product_id": "go1.26-race-1.26.1-150000.1.6.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.26-1.26.1-150000.1.6.1.x86_64",
"product": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64",
"product_id": "go1.26-1.26.1-150000.1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"product": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"product_id": "go1.26-doc-1.26.1-150000.1.6.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"product": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"product_id": "go1.26-race-1.26.1-150000.1.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-1.26.1-150000.1.6.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-doc-1.26.1-150000.1.6.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.26-race-1.26.1-150000.1.6.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
},
"product_reference": "go1.26-race-1.26.1-150000.1.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-25679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-25679"
}
],
"notes": [
{
"category": "general",
"text": "url.Parse insufficiently validated the host/authority component and accepted some invalid URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-25679",
"url": "https://www.suse.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "SUSE Bug 1259264 for CVE-2026-25679",
"url": "https://bugzilla.suse.com/1259264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:35:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-25679"
},
{
"cve": "CVE-2026-27137",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27137"
}
],
"notes": [
{
"category": "general",
"text": "When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27137",
"url": "https://www.suse.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "SUSE Bug 1259266 for CVE-2026-27137",
"url": "https://bugzilla.suse.com/1259266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:35:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-27137"
},
{
"cve": "CVE-2026-27138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27138"
}
],
"notes": [
{
"category": "general",
"text": "Certificate verification can panic when a certificate in the chain has an empty DNS name and another certificate in the chain has excluded name constraints. This can crash programs that are either directly verifying X.509 certificate chains, or those that use TLS.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27138",
"url": "https://www.suse.com/security/cve/CVE-2026-27138"
},
{
"category": "external",
"summary": "SUSE Bug 1259267 for CVE-2026-27138",
"url": "https://bugzilla.suse.com/1259267"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:35:26Z",
"details": "important"
}
],
"title": "CVE-2026-27138"
},
{
"cve": "CVE-2026-27139",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27139"
}
],
"notes": [
{
"category": "general",
"text": "On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the filesystem without permitting reading or writing files outside the root.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27139",
"url": "https://www.suse.com/security/cve/CVE-2026-27139"
},
{
"category": "external",
"summary": "SUSE Bug 1259268 for CVE-2026-27139",
"url": "https://bugzilla.suse.com/1259268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:35:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-27139"
},
{
"cve": "CVE-2026-27142",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-27142"
}
],
"notes": [
{
"category": "general",
"text": "Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value \"refresh\". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow \"url=\" by setting htmlmetacontenturlescape=0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-27142",
"url": "https://www.suse.com/security/cve/CVE-2026-27142"
},
{
"category": "external",
"summary": "SUSE Bug 1259265 for CVE-2026-27142",
"url": "https://bugzilla.suse.com/1259265"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:go1.26-race-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-doc-1.26.1-150000.1.6.1.x86_64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.aarch64",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.ppc64le",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.s390x",
"openSUSE Leap 15.6:go1.26-race-1.26.1-150000.1.6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-03-11T18:35:26Z",
"details": "moderate"
}
],
"title": "CVE-2026-27142"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.